Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

PC lent
 
 

141 utilisateurs inconnus
Ajouter une réponse
S'inscrireAide
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Bas de page 
Auteur
 Sujet :

PC lent

Prévenir les modérateurs en cas d'abus 
n°543390
Info45
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/02/2012 à 16:20:47  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Bonjour,
 Est-ce que quelqu'un pourrait m'aider à nettoyer mon PC
 Ma Config : XP édition familiale V5.1 SP3 à jour
 Avira Free Antivirus V12.0.0.190 à jour
 Zone Alarm Free Firewall V9.2.105
 Mozilla FireFox
 Mon Pb : PC lent mais particulièrement lent lorsque j'ouvre Firefox alors que pas de ralentissement suplémentaire avec InternetExplorer.
 J'ai scanné mon système avec Avira après 5h d'analyse 30% de mon système 3 trojans détectés et mis en quarantaine.
 J'ai relancé Avira de nuit le lendemain matin PC planté donc aucun rapport d’analyse
 Je viens de relancer le scan 6h d’analyse 40%
 Autre Pb dernièrement rencontré lors de la mise à jour de ZoneAlarm ce dernier est resté bloqué à la phase d’initialisation suite à cela j’ai dû réinstaller la version antérieure c’est à dire V9.2.105
 Merci par avance de votre aide

n°543391
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/02/2012 à 19:22:20  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Hello,

 Télécharge RSIT (de random/random) sur le bureau :

 - Sur le bureau, double clique sur RSIT.exe ;
 - Clique sur Continue (Disclaimer) dans la fenêtre ;

 Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.

 Une fois l’analyse achevée, 2 fichiers texte s’ouvriront (avec le bloc-notes).

 Poste le contenu de log.txt (celui qui apparaît à l’ écran) ainsi que info.txt (que tu trouveras dans le dossier "rsit" qui est à la base du disque dur).

 Tutoriel ->  ici

(Publicité)
n°543392
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/02/2012 à 22:54:10  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

 

kmisol a écrit :

Hello,

 Télécharge RSIT (de random/random) sur le bureau :

 - Sur le bureau, double clique sur RSIT.exe ;
 - Clique sur Continue (Disclaimer) dans la fenêtre ;

 Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.

 Une fois l’analyse achevée, 2 fichiers texte s’ouvriront (avec le bloc-notes).

 Poste le contenu de log.txt (celui qui apparaît à l’ écran) ainsi que info.txt (que tu trouveras dans le dossier "rsit" qui est à la base du disque dur).

 Tutoriel ->  ici

 




 Merci pour votre réponse je vais faire cette manip
 Entre temps mon scan s'est terminé sans avoir détecté d'autre pb après 8h20 d'analyse pour un disque dur de 100Go !
 Autre chose un process updater me parait suspect je l'ai tué mon pc a gagné en vitesse je crains qu'il ne redémarre à la prochaine ouverture de windows, je vais lancer Malwarebytes cette nuit des fois que !
 Bonne nuit à demain.

n°543393
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/02/2012 à 23:03:03  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
...

 Comme tu veux ; mais, il aurait été bon de poster les rapports demandés !

n°543394
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/02/2012 à 23:24:10  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

 

kmisol a écrit :

...

 Comme tu veux ; mais, il aurait été bon de poster les rapports demandés !

 




 Voici les rapports

 ----------------------- Log.txt-----------------------​-------
 Logfile of random's system information tool 1.09 (written by random/random)
 Run by Shot at 2012-02-06 23:14:11
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 4 GB (15%) free of 30 GB
 Total RAM: 1014 MB (39% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 23:14:59, on 06/02/2012
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 C:\WINDOWS\system32\svchost.ex​e
 c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\WINDOWS\AGRSMMSG.exe
 C:\Program Files\Ask.com\Updater\Updater.​exe
 C:\WINDOWS\system32\igfxtray.e​xe
 C:\WINDOWS\system32\hkcmd.exe
 C:\WINDOWS\system32\igfxpers.e​xe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\SuperCopier2\SuperCopier​2.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 C:\Program Files\Orbitdownloader\orbitdm.​exe
 C:\WINDOWS\system32\taskmgr.ex​e
 C:\WINDOWS\System32\alg.exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\WINDOWS\system32\wbem\wmipr​vse.exe
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
 C:\Documents and Settings\Shot\Bureau\RSIT.exe
 C:\WINDOWS\system32\wbem\wmipr​vse.exe
 C:\Program Files\trend micro\Shot.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2613520
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKCU\Software\Microsoft\Intern​et Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B07​3EFC214} - C:\Program Files\Orbitdownloader\orbitcth​.dll
 O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-76883​4316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723​696E350} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O2 - BHO: Protection ZoneAlarm - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E​116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL
 O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll
 O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148​CEFE700} - c:\progra~1\DropMyRights\PrivB​ar.dll
 O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.​dll
 O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMI​G.EXE" /Spoil /RemAdvDef /Migration32
 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /SYNC
 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /IMEName
 O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.​exe"
 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier​2.exe
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: MonacoGamma.lnk = C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe
 O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/201
 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/204
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/203
 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/202
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1​AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\​IE\offline\fr.htm
 O16 - DPF: {2C7B74DE-3A9E-4CD3-A8DB-47411​E9680A8} (VirginMega.DML.Interface) - http://alice.vm-wl.com/Telecha [...] nLight.cab
 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4​f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelpe​r.dll
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696​A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips- [...] loader.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O18 - Protocol: bw+0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw+0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9​B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: offline-8876480 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
 O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe (file missing)
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe
 O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 --
 End of file - 27197 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AdobeAAMUpdat​er-1.0-SN012345678912-Utilisat​eur.job
 C:\WINDOWS\tasks\ParetoLogic Registration3.job
 C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

 =========Mozilla firefox=========

 ProfilePath - C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default

 prefs.js - "browser.search.useDBForOrder" -  true
 prefs.js - "browser.startup.homepage" -  "file:///E:/Travail/Informatiq​ue/Develop/FrontPage/MonSiteWe​b/index.htm|http://www.infos-d​u-net.com/forum/9869-10-ntfs-f​at32|http://www.jurixt.com/xp/​xp_15.htm|http://www.trucs-et-​astuces-windows.com/technique_​pc/choix_ntfs_fat.html"
 prefs.js - "extensions.enabledItems" -  "{20a82645-c095-46ed-80e3-0882​5760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20, jqs@sun.com:1.0, smartwebprinting@hp.com:4.51, {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}:2.7.1.3, {35379F86-8CCB-4724-AE33-4278D​E266C70}:1.0.5, {972ce4c6-7e08-4474-a285-32081​98ce6fd}:3.6.17"
 prefs.js - "keyword.URL" -  "chrome://browser-region/local​e/region.properties"

 "{20a82645-c095-46ed-80e3-0882​5760534b}"=C:\WINDOWS\Microsof​t.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\
 "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs​\ff
 "smartwebprinting@hp.com"=C:\P​rogram Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@adobe.com/FlashP​layer]
 "Description"=Adobe® Flash® Player 10.1 Plugin
 "Path"=C:\WINDOWS\system32\Mac​romed\Flash\NPSWF32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@canon.com/Mycame​raPlugin]
 "Description"=Canon MycameraPlugin
 "Path"=C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@checkpoint.com/F​FApi]
 "Description"=ZoneAlarm Toolbar Api
 "Path"=C:\Program Files\CheckPoint\ZAForceField\​TrustChecker\bin\npFFApi.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@google.com/npPic​asa3,version=3.0.0]
 "Description"=Picasa3 plugin
 "Path"=C:\Program Files\Picasa3\npPicasa3.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WL​PG,version=14.0.8117.0416]
 "Description"=WLPG Install MIME type
 "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WP​F,version=3.5]
 "Description"=Windows Presentation Foundation plug-in for Mozilla browsers
 "Path"=C:\WINDOWS\Microsoft.NE​T\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@viewpoint.com/VM​P]
 "Description"=Viewpoint Media Player for Mozilla
 "Path"=C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\Adobe Reader]
 "Description"=Handles PDFs in-place in Firefox
 "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\yaxmpb@yahoo.com/​YahooActiveXPluginBridge;versi​on=1.0.0.1]
 "Description"=Yahoo! activeX Plug-in Bridge
 "Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.d​ll

 C:\Program Files\Mozilla Firefox\extensions\
 {972ce4c6-7e08-4474-a285-32081​98ce6fd}

 C:\Program Files\Mozilla Firefox\components\
 binary.manifest
 browsercomps.dll
 nsIQTScriptablePlugin.xpt

 C:\Program Files\Mozilla Firefox\plugins\
 np-mswmp.dll
 npdeployJava1.dll
 NPOFFICE.DLL
 nppdf32.dll
 nppdf32.FRA
 npqtplugin.dll
 npqtplugin2.dll
 npqtplugin3.dll
 npqtplugin4.dll
 npqtplugin5.dll
 npqtplugin6.dll
 npqtplugin7.dll
 np_gp.dll
 nsIQTScriptablePlugin.xpt
 QuickTimePlugin.class
 WMP Firefox Plugin License.rtf
 WMP Firefox Plugin RelNotes.txt

 C:\Program Files\Mozilla Firefox\searchplugins\
 amazon-france.xml
 bing.xml
 cnrtl-tlfi-fr.xml
 eBay-france.xml
 google.xml
 wikipedia-fr.xml
 yahoo-france.xml

 C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\extensions\
 toolbar@ask.com
 {20a82645-c095-46ed-80e3-08825​760534b}
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}

 C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\
 askcom.xml
 conduit.xml

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
 Octh Class - C:\Program Files\Orbitdownloader\orbitcth​.dll [2010-12-08 237681]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
 Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
 HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll [2009-09-20 328248]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2012-01-03 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
 Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2012-01-04 1514152]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
 Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-25 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-05-25 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
 HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - Copernic Agent - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL [2004-12-02 1066968]
 {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - &PixVue - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll [2005-10-02 2420736]
 {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]
 {300BC64A-BF32-4cc8-8917-91148​CEFE700} - PrivBar - c:\progra~1\DropMyRights\PrivB​ar.dll [2005-10-14 233472]
 {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.​dll [2010-12-08 684032]
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]
 {D4027C7F-154A-4066-A1AD-4243D​8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2012-01-04 1514152]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "IMJPMIG8.1"=C:\WINDOWS\IME\im​jp8_1\IMJPMIG.EXE [2004-08-05 208952]
 "PHIME2002ASync"=C:\WINDOWS\sy​stem32\IME\TINTLGNT\TINTSETP.E​XE [2004-08-05 455168]
 "PHIME2002A"=C:\WINDOWS\system​32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
 "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDA​ShCut.exe [2005-01-07 61952]
 "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe [2005-06-20 729178]
 "AGRSMMSG"=C:\WINDOWS\AGRSMMSG​.exe [2005-05-11 88204]
 "NeroFilterCheck"=C:\WINDOWS\s​ystem32\NeroCheck.exe [2001-07-09 155648]
 ""= []
 "ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.​exe [2012-01-04 1391272]
 "IgfxTray"=C:\WINDOWS\system32​\igfxtray.exe [2007-01-13 131072]
 "HotKeysCmds"=C:\WINDOWS\syste​m32\hkcmd.exe [2007-01-13 163840]
 "Persistence"=C:\WINDOWS\syste​m32\igfxpers.exe [2007-01-13 135168]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-16 258512]
 "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-02-18 1043968]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]
 "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier​2.exe [2006-07-07 1052672]
 "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
 "AdobeBridge"= []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2012-01-02 843712]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
 C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\U​pdaterStartupUtility.exe [2011-03-15 499608]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
 C:\Program Files\Fichiers communs\Adobe\CS5.5ServiceMana​ger\CS5.5ServiceManager.exe [2011-01-12 1523360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ASuite]
 F:\OI\Tutorom\Asuite1512\asuit​e.exe []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DAEM​ON Tools Lite]
 C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\HP Software Update]
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LDM]
 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe [2007-03-12 36864]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\Commu​nications_Helper.exe [2006-10-31 284184]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
 C:\Program Files\Logitech\QuickCam10\Quic​kCam10.exe [2006-11-15 746520]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LVCOMSX]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\LVCom​SX.exe [2006-11-15 244512]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PCMService]
 c:\Apps\Powercinema\PCMService​.exe [2005-05-11 127118]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RealTray]
 C:\Program Files\Real\RealPlayer\RealPlay​.exe [2006-06-22 26112]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RetroExpress]
 C:\PROGRA~1\RETROS~1\RETROS~1.​5\RetroExpress.exe [2008-07-16 9499928]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SwitchBoard]
 C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 MonacoGamma.lnk - C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2007-01-13 204800]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\PixVue]
 C:\Program Files\PixVue.Com\PixVue\bin\Wi​nLogon.DLL [2005-09-23 45056]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
 C:\WINDOWS\system32\WgaLogon.d​ll [2007-03-15 236928]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Lsa]
 "notification packages"=:\WINDOWS\syste

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\vsmon]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=145

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "NoDriveAutoRun"=67108863
 "NoDriveTypeAutoRun"=255
 "HonorAutoRunSetting"=1

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\Orbitdownloader\orbitdm.​exe"="C:\Program Files\Orbitdownloader\orbitdm.​exe:*:Enabled:Orbit"
 "C:\Program Files\Orbitdownloader\orbitnet​.exe"="C:\Program Files\Orbitdownloader\orbitnet​.exe:*:Enabled:Orbit"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"
 "C:\WINDOWS\system32\ZoneLabs\​vsmon.exe"="C:\WINDOWS\system3​2\ZoneLabs\vsmon.exe:*:Enabled​:vsmon"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Drivers32]
 "midimapper"=midimap.dll
 "msacm.imaadpcm"=imaadp32.acm
 "msacm.msadpcm"=msadp32.acm
 "msacm.msg711"=msg711.acm
 "msacm.msgsm610"=msgsm32.acm
 "msacm.trspch"=tssoft32.acm
 "vidc.cvid"=iccvid.dll
 "VIDC.I420"=lvcodec2.dll
 "vidc.iv31"=ir32_32.dll
 "vidc.iv32"=ir32_32.dll
 "vidc.iv41"=ir41_32.ax
 "VIDC.IYUV"=iyuv_32.dll
 "vidc.mrle"=msrle32.dll
 "vidc.msvc"=msvidc32.dll
 "VIDC.UYVY"=msyuv.dll
 "VIDC.YUY2"=msyuv.dll
 "VIDC.YVU9"=tsbyuv.dll
 "VIDC.YVYU"=msyuv.dll
 "wavemapper"=msacm32.drv
 "msacm.msg723"=msg723.acm
 "vidc.M263"=msh263.drv
 "vidc.M261"=msh261.drv
 "msacm.msaudio1"=msaud32.acm
 "msacm.sl_anet"=sl_anet.acm
 "msacm.iac2"=C:\WINDOWS\system​32\iac25_32.ax
 "vidc.iv50"=ir50_32.dll
 "msacm.l3acm"=C:\WINDOWS\syste​m32\l3codeca.acm
 "wave"=wdmaud.drv
 "midi"=wdmaud.drv
 "mixer"=wdmaud.drv
 "aux"=wdmaud.drv
 "msacm.siren"=sirenacm.dll
 "MSVideo8"=VfWWDM32.dll
 "MSVideo"=vfwwdm32.dll
 "wave1"=wdmaud.drv
 "midi1"=wdmaud.drv
 "mixer1"=wdmaud.drv
 "aux1"=wdmaud.drv
 "vidc.ptev"=PteVideo.dll
 "VIDC.MPG4"=mpg4c32.dll
 "VIDC.MP42"=mpg4c32.dll

 ======File associations======

 .js - edit -
 .js - open -

 ======List of files/folders created in the last 1 month======

 2012-02-06 23:14:12 ----D---- C:\Program Files\trend micro
 2012-02-06 23:14:11 ----D---- C:\rsit
 2012-02-04 19:23:50 ----A---- C:\WINDOWS\system32\vsregexp.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcommdb.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcomm.dll
 2012-02-04 19:23:37 ----A---- C:\WINDOWS\system32\vswmi.dll
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\zpeng25.dl​l
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\vsxml.dll
 2012-02-04 19:23:34 ----D---- C:\WINDOWS\system32\ZoneLabs
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vspubapi.d​ll
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vsmonapi.d​ll
 2012-02-04 19:23:30 ----A---- C:\WINDOWS\system32\vsdatant.s​ys
 2012-02-04 19:23:29 ----D---- C:\Program Files\Zone Labs
 2012-02-04 19:22:37 ----A---- C:\WINDOWS\system32\vsdata.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsutil.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsinit.dll
 2012-02-04 19:19:45 ----D---- C:\WINDOWS\Internet Logs
 2012-02-04 18:54:58 ----D---- C:\Program Files\Conduit
 2012-02-04 18:54:53 ----D---- C:\Program Files\Protection_ZoneAlarm
 2012-02-04 18:54:02 ----AH---- C:\WINDOWS\system32\zllictbl.d​at
 2012-02-04 18:53:51 ----A---- C:\WINDOWS\system32\vsutil_loc​040c.dll
 2012-02-04 13:49:06 ----D---- C:\Documents and Settings\All Users\Application Data\CheckPoint
 2012-01-22 22:21:25 ----D---- C:\Documents and Settings\All Users\Application Data\Retrospect
 2012-01-22 18:25:45 ----D---- C:\Documents and Settings\Shot\Application Data\Avira
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​kmgr.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​ipbb.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​gntflt.sys
 2012-01-22 18:07:17 ----D---- C:\Program Files\Avira
 2012-01-22 18:07:17 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
 2012-01-19 09:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB25855​42$
 2012-01-16 11:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB26465​24$
 2012-01-16 11:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB26318​13$
 2012-01-16 11:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB25984​79$
 2012-01-16 11:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB26033​81$
 2012-01-16 11:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB25841​46$

 ======List of files/folders modified in the last 1 month======

 2012-02-06 23:14:28 ----D---- C:\WINDOWS\Prefetch
 2012-02-06 23:14:18 ----D---- C:\WINDOWS\Temp
 2012-02-06 23:14:12 ----RHD---- C:\Program Files
 2012-02-06 23:10:15 ----D---- C:\Documents and Settings\Shot\Application Data\Orbit
 2012-02-06 23:08:12 ----D---- C:\WINDOWS\system32\CatRoot2
 2012-02-06 23:06:37 ----A---- C:\WINDOWS\SchedLgU.Txt
 2012-02-06 14:39:30 ----SHD---- C:\System Volume Information
 2012-02-06 14:37:44 ----D---- C:\WINDOWS\system32\NtmsData
 2012-02-06 11:41:09 ----D---- C:\Program Files\CRESUS2
 2012-02-06 11:41:09 ----A---- C:\WINDOWS\win.ini
 2012-02-06 10:16:35 ----D---- C:\WINDOWS\Registration
 2012-02-05 21:27:43 ----HD---- C:\WINDOWS
 2012-02-05 15:53:24 ----SD---- C:\WINDOWS\Tasks
 2012-02-05 11:40:50 ----D---- C:\downloads
 2012-02-04 23:52:51 ----SHD---- C:\WINDOWS\Installer
 2012-02-04 23:52:50 ----D---- C:\Program Files\Ask.com
 2012-02-04 20:07:50 ----HD---- C:\Config.Msi
 2012-02-04 19:24:00 ----AD---- C:\WINDOWS\system32
 2012-02-04 18:54:04 ----D---- C:\Program Files\CheckPoint
 2012-02-04 13:52:40 ----D---- C:\WINDOWS\WinSxS
 2012-02-04 13:33:58 ----RASH---- C:\BOOT.INI
 2012-02-04 13:33:58 ----A---- C:\WINDOWS\system.ini
 2012-02-04 13:21:55 ----D---- C:\Program Files\Geneatique2012
 2012-02-04 13:20:14 ----D---- C:\Documents and Settings\All Users\Application Data\RetroExp
 2012-02-04 09:57:06 ----A---- C:\WINDOWS\NeroDigital.ini
 2012-02-02 17:14:01 ----D---- C:\Program Files\Mozilla Firefox
 2012-01-22 22:24:30 ----D---- C:\Program Files\Retrospect
 2012-01-22 21:55:50 ----D---- C:\Documents and Settings\Shot\Application Data\HPAppData
 2012-01-22 21:19:07 ----D---- C:\WINDOWS\REPAIR
 2012-01-22 18:43:50 ----HD---- C:\WINDOWS\inf
 2012-01-22 18:07:42 ----D---- C:\WINDOWS\system32\drivers
 2012-01-19 09:31:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2012-01-19 09:31:40 ----D---- C:\Program Files\Fichiers communs\Adobe
 2012-01-19 09:14:19 ----RSHD---- C:\WINDOWS\system32\dllcache
 2012-01-19 01:07:43 ----HD---- C:\WINDOWS\$hf_mig$
 2012-01-16 11:18:04 ----A---- C:\WINDOWS\imsins.BAK
 2012-01-16 11:12:58 ----A---- C:\WINDOWS\system32\MRT.exe
 2012-01-16 10:40:47 ----D---- C:\Program Files\Adobe
 2012-01-16 10:37:22 ----D---- C:\Documents and Settings\Shot\Application Data\Adobe

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\ag​p440.sys [2008-04-13 42368]
 R0 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\ag​pCPQ.sys [2008-04-13 44928]
 R0 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\al​im1541.sys [2008-04-13 42752]
 R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\am​dagp.sys [2008-04-13 43008]
 R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cb​idf2k.sys [2001-08-17 13952]
 R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\Px​Help20.sys [2009-04-17 44944]
 R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\si​sagp.sys [2008-04-13 40960]
 R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sp​td.sys [2011-06-02 431672]
 R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\vi​aagp.sys [2008-04-13 42240]
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2011-12-16 134856]
 R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\av​kmgr.sys [2011-12-16 36000]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQ​NTDrv.sys [2002-09-16 4228]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2010-06-17 28520]
 R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws​2ifsl.sys [2004-08-05 12032]
 R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\AS​CTRM.sys [2006-06-22 8552]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2011-12-16 74640]
 R2 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.s​ys [2010-05-13 532224]
 R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Af​c.sys [2005-02-23 11776]
 R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AG​RSM.sys [2005-05-13 1094881]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-13 144384]
 R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ig​xpmp32.sys [2007-01-13 5672032]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2005-05-25 3134976]
 R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LV​Pr2Mon.sys [2006-11-15 24736]
 R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2001-08-23 12288]
 R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​lnicxp.sys [2005-03-04 74496]
 R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\Sy​nTP.sys [2005-06-20 190400]
 R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w2​9n51.sys [2004-10-29 3222784]
 R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wa​natw4.sys [2003-01-10 33588]
 S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\s​rescan.sys []
 S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kb​dhid.sys [2008-04-14 14720]
 S2 adfs;adfs; C:\WINDOWS\system32\drivers\ad​fs.sys []
 S3 a5xn0lja;a5xn0lja; C:\WINDOWS\system32\drivers\a5​xn0lja.sys []
 S3 catchme;catchme; \??\C:\DOCUME~1\UTILIS~1\LOCAL​S~1\Temp\catchme.sys []
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\Hd​Audio.sys [2005-01-07 145920]
 S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HP​Zid412.sys [2008-10-28 49920]
 S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HP​Zipr12.sys [2008-10-28 16496]
 S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HP​Zius12.sys [2008-10-28 21568]
 S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LV​cKap.sys [2006-11-15 1678368]
 S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LV​MVDrv.sys [2006-11-15 1962912]
 S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lv​usbsta.sys [2006-11-11 40352]
 S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\driver​s\mbamswissarmy.sys []
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov​530vid.sys []
 S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv​302af.sys [2006-11-11 13344]
 S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV​302V32.SYS [2006-11-11 933536]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\us​baudio.sys [2008-04-13 60032]
 S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bprint.sys [2008-04-13 25856]
 S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\us​bscan.sys [2008-04-13 15104]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\Wu​dfPf.sys [2006-09-28 77568]
 S3 X-Rite;X-Rite USB Service; C:\WINDOWS\system32\DRIVERS\Xr​Usb.sys [2003-11-06 14936]
 S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Shot\LOCALS~1\​Temp\mc21.tmp []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AntiVirSchedulerService;Avira Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-16 86224]
 R2 AntiVirService;Avira Protection temps réel; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-16 110032]
 R2 AntiVirWebService;Avira Protection Web; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-16 463824]
 R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe [2004-04-08 1135728]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2007-10-31 110592]
 R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe [2005-05-11 221266]
 R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\​CLSched.exe [2005-05-11 110672]
 R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe [2005-05-11 61440]
 R2 EpsonBidirectionalService;Epso​nBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
 R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e [2002-07-17 94208]
 R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.​exe [2005-01-07 49152]
 R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-25 153376]
 R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe [2006-11-15 109344]
 R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 PixVue;PixVue; C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe [2005-10-02 151552]
 R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 RetroExpLauncher;Retrospect Express HD Launcher; C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe [2008-07-16 115992]
 R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\v​smon.exe [2011-02-18 2435592]
 R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe [2006-11-15 101152]
 S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe []
 S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2008-11-20 136120]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe [2005-11-14 69632]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
 S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
 S3 SwitchBoard;SwitchBoard; C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]
 S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe [2006-12-14 544768]
 S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
 S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF----------​-------

 ------------------------------​--------- Info.txt -------------------
 Logfile of random's system information tool 1.09 (written by random/random)
 Run by Shot at 2012-02-06 23:14:11
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 4 GB (15%) free of 30 GB
 Total RAM: 1014 MB (39% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 23:14:59, on 06/02/2012
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 c:\program files\fichiers communs\logitech\lvmvfm\LV

(Publicité)
n°543395
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/02/2012 à 23:27:36  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

 

Info45 a écrit :






 J'ai l'impression que info.txt n'est pas entier je le reposte ci dessous

 ------------------------------​----Info.txt------------------​--------------
 Logfile of random's system information tool 1.09 (written by random/random)
 Run by Shot at 2012-02-06 23:14:11
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 4 GB (15%) free of 30 GB
 Total RAM: 1014 MB (39% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 23:14:59, on 06/02/2012
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 C:\WINDOWS\system32\svchost.ex​e
 c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\WINDOWS\AGRSMMSG.exe
 C:\Program Files\Ask.com\Updater\Updater.​exe
 C:\WINDOWS\system32\igfxtray.e​xe
 C:\WINDOWS\system32\hkcmd.exe
 C:\WINDOWS\system32\igfxpers.e​xe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\SuperCopier2\SuperCopier​2.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 C:\Program Files\Orbitdownloader\orbitdm.​exe
 C:\WINDOWS\system32\taskmgr.ex​e
 C:\WINDOWS\System32\alg.exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\WINDOWS\system32\wbem\wmipr​vse.exe
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
 C:\Documents and Settings\Shot\Bureau\RSIT.exe
 C:\WINDOWS\system32\wbem\wmipr​vse.exe
 C:\Program Files\trend micro\Shot.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://search.conduit.com?Sear [...] =CT2613520
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKCU\Software\Microsoft\Intern​et Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B07​3EFC214} - C:\Program Files\Orbitdownloader\orbitcth​.dll
 O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-76883​4316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723​696E350} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O2 - BHO: Protection ZoneAlarm - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E​116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL
 O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll
 O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148​CEFE700} - c:\progra~1\DropMyRights\PrivB​ar.dll
 O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.​dll
 O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMI​G.EXE" /Spoil /RemAdvDef /Migration32
 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /SYNC
 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /IMEName
 O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.​exe"
 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier​2.exe
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: MonacoGamma.lnk = C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe
 O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/201
 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/204
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/203
 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/202
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1​AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\​IE\offline\fr.htm
 O16 - DPF: {2C7B74DE-3A9E-4CD3-A8DB-47411​E9680A8} (VirginMega.DML.Interface) - http://alice.vm-wl.com/Telecha [...] nLight.cab
 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4​f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelpe​r.dll
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696​A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips- [...] loader.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O18 - Protocol: bw+0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw+0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9​B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: offline-8876480 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
 O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe (file missing)
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe
 O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 --
 End of file - 27197 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AdobeAAMUpdat​er-1.0-SN012345678912-Utilisat​eur.job
 C:\WINDOWS\tasks\ParetoLogic Registration3.job
 C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

 =========Mozilla firefox=========

 ProfilePath - C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default

 prefs.js - "browser.search.useDBForOrder" -  true
 prefs.js - "browser.startup.homepage" -  "file:///E:/Travail/Informatiq​ue/Develop/FrontPage/MonSiteWe​b/index.htm|http://www.infos-d​u-net.com/forum/9869-10-ntfs-f​at32|http://www.jurixt.com/xp/​xp_15.htm|http://www.trucs-et-​astuces-windows.com/technique_​pc/choix_ntfs_fat.html"
 prefs.js - "extensions.enabledItems" -  "{20a82645-c095-46ed-80e3-0882​5760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20, jqs@sun.com:1.0, smartwebprinting@hp.com:4.51, {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}:2.7.1.3, {35379F86-8CCB-4724-AE33-4278D​E266C70}:1.0.5, {972ce4c6-7e08-4474-a285-32081​98ce6fd}:3.6.17"
 prefs.js - "keyword.URL" -  "chrome://browser-region/local​e/region.properties"

 "{20a82645-c095-46ed-80e3-0882​5760534b}"=C:\WINDOWS\Microsof​t.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\
 "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs​\ff
 "smartwebprinting@hp.com"=C:\P​rogram Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@adobe.com/FlashP​layer]
 "Description"=Adobe® Flash® Player 10.1 Plugin
 "Path"=C:\WINDOWS\system32\Mac​romed\Flash\NPSWF32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@canon.com/Mycame​raPlugin]
 "Description"=Canon MycameraPlugin
 "Path"=C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@checkpoint.com/F​FApi]
 "Description"=ZoneAlarm Toolbar Api
 "Path"=C:\Program Files\CheckPoint\ZAForceField\​TrustChecker\bin\npFFApi.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@google.com/npPic​asa3,version=3.0.0]
 "Description"=Picasa3 plugin
 "Path"=C:\Program Files\Picasa3\npPicasa3.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WL​PG,version=14.0.8117.0416]
 "Description"=WLPG Install MIME type
 "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WP​F,version=3.5]
 "Description"=Windows Presentation Foundation plug-in for Mozilla browsers
 "Path"=C:\WINDOWS\Microsoft.NE​T\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@viewpoint.com/VM​P]
 "Description"=Viewpoint Media Player for Mozilla
 "Path"=C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\Adobe Reader]
 "Description"=Handles PDFs in-place in Firefox
 "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\yaxmpb@yahoo.com/​YahooActiveXPluginBridge;versi​on=1.0.0.1]
 "Description"=Yahoo! activeX Plug-in Bridge
 "Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.d​ll

 C:\Program Files\Mozilla Firefox\extensions\
 {972ce4c6-7e08-4474-a285-32081​98ce6fd}

 C:\Program Files\Mozilla Firefox\components\
 binary.manifest
 browsercomps.dll
 nsIQTScriptablePlugin.xpt

 C:\Program Files\Mozilla Firefox\plugins\
 np-mswmp.dll
 npdeployJava1.dll
 NPOFFICE.DLL
 nppdf32.dll
 nppdf32.FRA
 npqtplugin.dll
 npqtplugin2.dll
 npqtplugin3.dll
 npqtplugin4.dll
 npqtplugin5.dll
 npqtplugin6.dll
 npqtplugin7.dll
 np_gp.dll
 nsIQTScriptablePlugin.xpt
 QuickTimePlugin.class
 WMP Firefox Plugin License.rtf
 WMP Firefox Plugin RelNotes.txt

 C:\Program Files\Mozilla Firefox\searchplugins\
 amazon-france.xml
 bing.xml
 cnrtl-tlfi-fr.xml
 eBay-france.xml
 google.xml
 wikipedia-fr.xml
 yahoo-france.xml

 C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\extensions\
 toolbar@ask.com
 {20a82645-c095-46ed-80e3-08825​760534b}
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}

 C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\
 askcom.xml
 conduit.xml

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
 Octh Class - C:\Program Files\Orbitdownloader\orbitcth​.dll [2010-12-08 237681]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
 Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
 HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll [2009-09-20 328248]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2012-01-03 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
 Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2012-01-04 1514152]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
 Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-25 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-05-25 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
 HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - Copernic Agent - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL [2004-12-02 1066968]
 {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - &PixVue - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll [2005-10-02 2420736]
 {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]
 {300BC64A-BF32-4cc8-8917-91148​CEFE700} - PrivBar - c:\progra~1\DropMyRights\PrivB​ar.dll [2005-10-14 233472]
 {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.​dll [2010-12-08 684032]
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]
 {D4027C7F-154A-4066-A1AD-4243D​8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2012-01-04 1514152]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "IMJPMIG8.1"=C:\WINDOWS\IME\im​jp8_1\IMJPMIG.EXE [2004-08-05 208952]
 "PHIME2002ASync"=C:\WINDOWS\sy​stem32\IME\TINTLGNT\TINTSETP.E​XE [2004-08-05 455168]
 "PHIME2002A"=C:\WINDOWS\system​32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
 "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDA​ShCut.exe [2005-01-07 61952]
 "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe [2005-06-20 729178]
 "AGRSMMSG"=C:\WINDOWS\AGRSMMSG​.exe [2005-05-11 88204]
 "NeroFilterCheck"=C:\WINDOWS\s​ystem32\NeroCheck.exe [2001-07-09 155648]
 ""= []
 "ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.​exe [2012-01-04 1391272]
 "IgfxTray"=C:\WINDOWS\system32​\igfxtray.exe [2007-01-13 131072]
 "HotKeysCmds"=C:\WINDOWS\syste​m32\hkcmd.exe [2007-01-13 163840]
 "Persistence"=C:\WINDOWS\syste​m32\igfxpers.exe [2007-01-13 135168]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-16 258512]
 "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-02-18 1043968]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]
 "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier​2.exe [2006-07-07 1052672]
 "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
 "AdobeBridge"= []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2012-01-02 843712]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
 C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\U​pdaterStartupUtility.exe [2011-03-15 499608]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
 C:\Program Files\Fichiers communs\Adobe\CS5.5ServiceMana​ger\CS5.5ServiceManager.exe [2011-01-12 1523360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ASuite]
 F:\OI\Tutorom\Asuite1512\asuit​e.exe []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DAEM​ON Tools Lite]
 C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\HP Software Update]
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LDM]
 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe [2007-03-12 36864]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\Commu​nications_Helper.exe [2006-10-31 284184]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
 C:\Program Files\Logitech\QuickCam10\Quic​kCam10.exe [2006-11-15 746520]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LVCOMSX]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\LVCom​SX.exe [2006-11-15 244512]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PCMService]
 c:\Apps\Powercinema\PCMService​.exe [2005-05-11 127118]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RealTray]
 C:\Program Files\Real\RealPlayer\RealPlay​.exe [2006-06-22 26112]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RetroExpress]
 C:\PROGRA~1\RETROS~1\RETROS~1.​5\RetroExpress.exe [2008-07-16 9499928]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SwitchBoard]
 C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 MonacoGamma.lnk - C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2007-01-13 204800]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\PixVue]
 C:\Program Files\PixVue.Com\PixVue\bin\Wi​nLogon.DLL [2005-09-23 45056]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
 C:\WINDOWS\system32\WgaLogon.d​ll [2007-03-15 236928]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Lsa]
 "notification packages"=:\WINDOWS\syste

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\vsmon]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=145

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "NoDriveAutoRun"=67108863
 "NoDriveTypeAutoRun"=255
 "HonorAutoRunSetting"=1

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\Orbitdownloader\orbitdm.​exe"="C:\Program Files\Orbitdownloader\orbitdm.​exe:*:Enabled:Orbit"
 "C:\Program Files\Orbitdownloader\orbitnet​.exe"="C:\Program Files\Orbitdownloader\orbitnet​.exe:*:Enabled:Orbit"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"
 "C:\WINDOWS\system32\ZoneLabs\​vsmon.exe"="C:\WINDOWS\system3​2\ZoneLabs\vsmon.exe:*:Enabled​:vsmon"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Drivers32]
 "midimapper"=midimap.dll
 "msacm.imaadpcm"=imaadp32.acm
 "msacm.msadpcm"=msadp32.acm
 "msacm.msg711"=msg711.acm
 "msacm.msgsm610"=msgsm32.acm
 "msacm.trspch"=tssoft32.acm
 "vidc.cvid"=iccvid.dll
 "VIDC.I420"=lvcodec2.dll
 "vidc.iv31"=ir32_32.dll
 "vidc.iv32"=ir32_32.dll
 "vidc.iv41"=ir41_32.ax
 "VIDC.IYUV"=iyuv_32.dll
 "vidc.mrle"=msrle32.dll
 "vidc.msvc"=msvidc32.dll
 "VIDC.UYVY"=msyuv.dll
 "VIDC.YUY2"=msyuv.dll
 "VIDC.YVU9"=tsbyuv.dll
 "VIDC.YVYU"=msyuv.dll
 "wavemapper"=msacm32.drv
 "msacm.msg723"=msg723.acm
 "vidc.M263"=msh263.drv
 "vidc.M261"=msh261.drv
 "msacm.msaudio1"=msaud32.acm
 "msacm.sl_anet"=sl_anet.acm
 "msacm.iac2"=C:\WINDOWS\system​32\iac25_32.ax
 "vidc.iv50"=ir50_32.dll
 "msacm.l3acm"=C:\WINDOWS\syste​m32\l3codeca.acm
 "wave"=wdmaud.drv
 "midi"=wdmaud.drv
 "mixer"=wdmaud.drv
 "aux"=wdmaud.drv
 "msacm.siren"=sirenacm.dll
 "MSVideo8"=VfWWDM32.dll
 "MSVideo"=vfwwdm32.dll
 "wave1"=wdmaud.drv
 "midi1"=wdmaud.drv
 "mixer1"=wdmaud.drv
 "aux1"=wdmaud.drv
 "vidc.ptev"=PteVideo.dll
 "VIDC.MPG4"=mpg4c32.dll
 "VIDC.MP42"=mpg4c32.dll

 ======File associations======

 .js - edit -
 .js - open -

 ======List of files/folders created in the last 1 month======

 2012-02-06 23:14:12 ----D---- C:\Program Files\trend micro
 2012-02-06 23:14:11 ----D---- C:\rsit
 2012-02-04 19:23:50 ----A---- C:\WINDOWS\system32\vsregexp.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcommdb.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcomm.dll
 2012-02-04 19:23:37 ----A---- C:\WINDOWS\system32\vswmi.dll
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\zpeng25.dl​l
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\vsxml.dll
 2012-02-04 19:23:34 ----D---- C:\WINDOWS\system32\ZoneLabs
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vspubapi.d​ll
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vsmonapi.d​ll
 2012-02-04 19:23:30 ----A---- C:\WINDOWS\system32\vsdatant.s​ys
 2012-02-04 19:23:29 ----D---- C:\Program Files\Zone Labs
 2012-02-04 19:22:37 ----A---- C:\WINDOWS\system32\vsdata.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsutil.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsinit.dll
 2012-02-04 19:19:45 ----D---- C:\WINDOWS\Internet Logs
 2012-02-04 18:54:58 ----D---- C:\Program Files\Conduit
 2012-02-04 18:54:53 ----D---- C:\Program Files\Protection_ZoneAlarm
 2012-02-04 18:54:02 ----AH---- C:\WINDOWS\system32\zllictbl.d​at
 2012-02-04 18:53:51 ----A---- C:\WINDOWS\system32\vsutil_loc​040c.dll
 2012-02-04 13:49:06 ----D---- C:\Documents and Settings\All Users\Application Data\CheckPoint
 2012-01-22 22:21:25 ----D---- C:\Documents and Settings\All Users\Application Data\Retrospect
 2012-01-22 18:25:45 ----D---- C:\Documents and Settings\Shot\Application Data\Avira
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​kmgr.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​ipbb.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​gntflt.sys
 2012-01-22 18:07:17 ----D---- C:\Program Files\Avira
 2012-01-22 18:07:17 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
 2012-01-19 09:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB25855​42$
 2012-01-16 11:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB26465​24$
 2012-01-16 11:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB26318​13$
 2012-01-16 11:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB25984​79$
 2012-01-16 11:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB26033​81$
 2012-01-16 11:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB25841​46$

 ======List of files/folders modified in the last 1 month======

 2012-02-06 23:14:28 ----D---- C:\WINDOWS\Prefetch
 2012-02-06 23:14:18 ----D---- C:\WINDOWS\Temp
 2012-02-06 23:14:12 ----RHD---- C:\Program Files
 2012-02-06 23:10:15 ----D---- C:\Documents and Settings\Shot\Application Data\Orbit
 2012-02-06 23:08:12 ----D---- C:\WINDOWS\system32\CatRoot2
 2012-02-06 23:06:37 ----A---- C:\WINDOWS\SchedLgU.Txt
 2012-02-06 14:39:30 ----SHD---- C:\System Volume Information
 2012-02-06 14:37:44 ----D---- C:\WINDOWS\system32\NtmsData
 2012-02-06 11:41:09 ----D---- C:\Program Files\CRESUS2
 2012-02-06 11:41:09 ----A---- C:\WINDOWS\win.ini
 2012-02-06 10:16:35 ----D---- C:\WINDOWS\Registration
 2012-02-05 21:27:43 ----HD---- C:\WINDOWS
 2012-02-05 15:53:24 ----SD---- C:\WINDOWS\Tasks
 2012-02-05 11:40:50 ----D---- C:\downloads
 2012-02-04 23:52:51 ----SHD---- C:\WINDOWS\Installer
 2012-02-04 23:52:50 ----D---- C:\Program Files\Ask.com
 2012-02-04 20:07:50 ----HD---- C:\Config.Msi
 2012-02-04 19:24:00 ----AD---- C:\WINDOWS\system32
 2012-02-04 18:54:04 ----D---- C:\Program Files\CheckPoint
 2012-02-04 13:52:40 ----D---- C:\WINDOWS\WinSxS
 2012-02-04 13:33:58 ----RASH---- C:\BOOT.INI
 2012-02-04 13:33:58 ----A---- C:\WINDOWS\system.ini
 2012-02-04 13:21:55 ----D---- C:\Program Files\Geneatique2012
 2012-02-04 13:20:14 ----D---- C:\Documents and Settings\All Users\Application Data\RetroExp
 2012-02-04 09:57:06 ----A---- C:\WINDOWS\NeroDigital.ini
 2012-02-02 17:14:01 ----D---- C:\Program Files\Mozilla Firefox
 2012-01-22 22:24:30 ----D---- C:\Program Files\Retrospect
 2012-01-22 21:55:50 ----D---- C:\Documents and Settings\Shot\Application Data\HPAppData
 2012-01-22 21:19:07 ----D---- C:\WINDOWS\REPAIR
 2012-01-22 18:43:50 ----HD---- C:\WINDOWS\inf
 2012-01-22 18:07:42 ----D---- C:\WINDOWS\system32\drivers
 2012-01-19 09:31:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2012-01-19 09:31:40 ----D---- C:\Program Files\Fichiers communs\Adobe
 2012-01-19 09:14:19 ----RSHD---- C:\WINDOWS\system32\dllcache
 2012-01-19 01:07:43 ----HD---- C:\WINDOWS\$hf_mig$
 2012-01-16 11:18:04 ----A---- C:\WINDOWS\imsins.BAK
 2012-01-16 11:12:58 ----A---- C:\WINDOWS\system32\MRT.exe
 2012-01-16 10:40:47 ----D---- C:\Program Files\Adobe
 2012-01-16 10:37:22 ----D---- C:\Documents and Settings\Shot\Application Data\Adobe

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\ag​p440.sys [2008-04-13 42368]
 R0 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\ag​pCPQ.sys [2008-04-13 44928]
 R0 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\al​im1541.sys [2008-04-13 42752]
 R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\am​dagp.sys [2008-04-13 43008]
 R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cb​idf2k.sys [2001-08-17 13952]
 R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\Px​Help20.sys [2009-04-17 44944]
 R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\si​sagp.sys [2008-04-13 40960]
 R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sp​td.sys [2011-06-02 431672]
 R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\vi​aagp.sys [2008-04-13 42240]
 R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2011-12-16 134856]
 R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\av​kmgr.sys [2011-12-16 36000]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQ​NTDrv.sys [2002-09-16 4228]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2010-06-17 28520]
 R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws​2ifsl.sys [2004-08-05 12032]
 R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\AS​CTRM.sys [2006-06-22 8552]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2011-12-16 74640]
 R2 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.s​ys [2010-05-13 532224]
 R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Af​c.sys [2005-02-23 11776]
 R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AG​RSM.sys [2005-05-13 1094881]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-13 144384]
 R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ig​xpmp32.sys [2007-01-13 5672032]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2005-05-25 3134976]
 R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LV​Pr2Mon.sys [2006-11-15 24736]
 R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2001-08-23 12288]
 R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​lnicxp.sys [2005-03-04 74496]
 R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\Sy​nTP.sys [2005-06-20 190400]
 R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w2​9n51.sys [2004-10-29 3222784]
 R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wa​natw4.sys [2003-01-10 33588]
 S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\s​rescan.sys []
 S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kb​dhid.sys [2008-04-14 14720]
 S2 adfs;adfs; C:\WINDOWS\system32\drivers\ad​fs.sys []
 S3 a5xn0lja;a5xn0lja; C:\WINDOWS\system32\drivers\a5​xn0lja.sys []
 S3 catchme;catchme; \??\C:\DOCUME~1\UTILIS~1\LOCAL​S~1\Temp\catchme.sys []
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\Hd​Audio.sys [2005-01-07 145920]
 S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HP​Zid412.sys [2008-10-28 49920]
 S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HP​Zipr12.sys [2008-10-28 16496]
 S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HP​Zius12.sys [2008-10-28 21568]
 S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LV​cKap.sys [2006-11-15 1678368]
 S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LV​MVDrv.sys [2006-11-15 1962912]
 S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lv​usbsta.sys [2006-11-11 40352]
 S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\driver​s\mbamswissarmy.sys []
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov​530vid.sys []
 S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv​302af.sys [2006-11-11 13344]
 S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV​302V32.SYS [2006-11-11 933536]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\us​baudio.sys [2008-04-13 60032]
 S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bprint.sys [2008-04-13 25856]
 S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\us​bscan.sys [2008-04-13 15104]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\Wu​dfPf.sys [2006-09-28 77568]
 S3 X-Rite;X-Rite USB Service; C:\WINDOWS\system32\DRIVERS\Xr​Usb.sys [2003-11-06 14936]
 S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Shot\LOCALS~1\​Temp\mc21.tmp []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AntiVirSchedulerService;Avira Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-16 86224]
 R2 AntiVirService;Avira Protection temps réel; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-16 110032]
 R2 AntiVirWebService;Avira Protection Web; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-16 463824]
 R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe [2004-04-08 1135728]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2007-10-31 110592]
 R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe [2005-05-11 221266]
 R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\​CLSched.exe [2005-05-11 110672]
 R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe [2005-05-11 61440]
 R2 EpsonBidirectionalService;Epso​nBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
 R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e [2002-07-17 94208]
 R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.​exe [2005-01-07 49152]
 R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-25 153376]
 R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe [2006-11-15 109344]
 R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 PixVue;PixVue; C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe [2005-10-02 151552]
 R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 RetroExpLauncher;Retrospect Express HD Launcher; C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe [2008-07-16 115992]
 R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\v​smon.exe [2011-02-18 2435592]
 R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe [2006-11-15 101152]
 S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe []
 S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2008-11-20 136120]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe [2005-11-14 69632]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
 S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
 S3 SwitchBoard;SwitchBoard; C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]
 S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe [2006-12-14 544768]
 S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
 S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF----------​-------

n°543396
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 06/02/2012 à 23:30:58  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
...

 Télécharge AdwCleaner (by Xplode) et enregistre-le sur le bureau.

 Puis, clique sur l'icône AdwCleaner qui est sur le bureau.

 Choisis l'option "Recherche".

 Patiente le temps du scan ...

 Une fois le scan achevé, le rapport s'affiche.

 Poste (copie colle) celui-ci dans ta prochaine réponse.

n°543397
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 06/02/2012 à 23:46:57  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

kmisol a écrit :

...

 Télécharge AdwCleaner (by Xplode) et enregistre-le sur le bureau.

 Puis, clique sur l'icône AdwCleaner qui est sur le bureau.

 Choisis l'option "Recherche".

 Patiente le temps du scan ...

 Une fois le scan achevé, le rapport s'affiche.

 Poste (copie colle) celui-ci dans ta prochaine réponse.

 





 ------------------------- ci après le rapport ----------------------------
 # AdwCleaner v1.408 - Rapport créé le 06/02/2012 à 23:34:35
 # Mis à jour le 29/01/2012 par Xplode
 # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
 # Nom d'utilisateur : Shot - SN012345678912 (Administrateur)
 # Exécuté depuis : C:\Documents and Settings\Shot\Bureau\adwcleane​r.exe
 # Option [Recherche]


 ***** [Services] *****


 ***** [Fichiers / Dossiers] *****

 Dossier Présent : C:\Documents and Settings\All Users\Application Data\Viewpoint
 Dossier Présent : C:\Documents and Settings\Shot\Application Data\AskToolbar
 Dossier Présent : C:\Documents and Settings\Shot\Application Data\Mozilla\Extensions\{ec803​0f7-c20a-464f-9b0e-13a3a9e9738​4}
 Dossier Présent : C:\Documents and Settings\Shot\Local Settings\Application Data\AskToolbar
 Dossier Présent : C:\Documents and Settings\Shot\Local Settings\Application Data\Conduit
 Dossier Présent : C:\Program Files\Ask.com
 Dossier Présent : C:\Program Files\Conduit
 Dossier Présent : C:\WINDOWS\Installer\{86D4B82A​-ABED-442A-BE86-96357B70F4FE}
 Dossier Présent : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\ConduitCommon
 Dossier Présent : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\extensions\to​olbar@ask.com
 Fichier Présent : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 Fichier Présent : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\Askcom.xml
 Fichier Présent : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\Conduit.xml

 ***** [Registre] *****

 

  • Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.​CT2613520
Clé Présente : HKCU\Toolbar
 Clé Présente : HKCU\Software\Ask.com
 Clé Présente : HKCU\Software\AskToolbar
 Clé Présente : HKCU\Software\APN
 Clé Présente : HKCU\Software\Conduit
 Clé Présente : HKCU\Software\ConduitSearchSco​pes
 Clé Présente : HKCU\Software\AppDataLow\Softw​are\Conduit
 Clé Présente : HKLM\SOFTWARE\AskToolbar
 Clé Présente : HKLM\SOFTWARE\APN
 Clé Présente : HKLM\SOFTWARE\Conduit
 Clé Présente : HKLM\SOFTWARE\ItsLabel
 Clé Présente : HKLM\SOFTWARE\MetaStream
 Clé Présente : HKLM\SOFTWARE\Orbit\OpenCandy
 Clé Présente : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd
 Clé Présente : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd.1
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\Ge​nericAskToolbar.DLL
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\So​ftwareUpdate.exe
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9​B0CB95C-933A-4B8C-B6D4-EDCD19A​43874}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3​c471948-f874-49f5-b338-4f214a2​ee0b1}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{0​0000000-6E41-4FD3-8538-502F549​5E5FC}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 Clé Présente : HKLM\SOFTWARE\Classes\Installe​r\Products\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Classes\Installe​r\Features\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Microsoft\RFC115​6Agent
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Installer\Use​rData\S-1-5-18\Products\A28B4D​68DEBAA244EB686953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Microsoft\System​Certificates\AuthRoot\Certific​ates\2796BAE63F1801E277261BA0D​77770028F20EEE4
 Clé Présente : HKLM\SOFTWARE\Microsoft\System​Certificates\AuthRoot\Certific​ates\DE28F4A4FFE5B92FA3C503D1A​349A7F9962A8212
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{6C434537-053E-486D-B62A-160​059D9D456}
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{91CF619A-4686-4CA4-9232-3B2​E6B63AA92}
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{AC71B60E-94C9-4EDE-BA46-E14​6747BB67E}
 Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\​{2996F0E7-292B-4CAE-893F-47B8B​1C05B56}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3​-A498-00104B6EB52E}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6​-BFB6-AD540AD427CD}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{afdbdda​a-5d3f-42ee-b79c-185a7020515b}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{D4027C7F-154A-4066-A1AD-4243D​8127440}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\{86​D4B82A-ABED-442A-BE86-96357B70​F4FE}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s NT\CurrentVersion\Image File Execution Options\setup.exe
 Clé Présente : HKLM\SOFTWARE\MozillaPlugins\@​viewpoint.com/VMP
 Valeur Présente : HKCU\Software\Microsoft\Intern​et Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5​495E5FC}]
 Valeur Présente : HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D​8127440}]
 Valeur Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D​8127440}]
 Valeur Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Run [ApnUpdater]

 ***** [Navigateurs] *****

 -\\ Internet Explorer v8.0.6001.18702

 [HKCU\Software\Microsoft\Intern​et Explorer\Main - Start Page] = hxxp://search.conduit.com?Sear​chSource=10&ctid=CT2613520

 -\\ Mozilla Firefox v3.6.8 (fr)

 Profil : 8lrhl7pf.default
 Fichier : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\prefs.js

 Présente : user_pref("CT2613520..clientLo​gIsEnabled", true);
 Présente : user_pref("CT2613520..clientLo​gServiceUrl", "hxxp://clientlog.users.condui​t.com/ClientDiagnostics.as[...]
 Présente : user_pref("CT2613520..uninstal​lLogServiceUrl", "hxxp://uninstall.users.condui​t.com/Uninstall.asmx/Re[...]
 Présente : user_pref("CT2613520.ALLOW_SHO​WING_HIDDEN_TOOLBAR", false);
 Présente : user_pref("CT2613520.AboutPriv​acyUrl", "hxxp://www.conduit.com/privac​y/Default.aspx" );
 Présente : user_pref("CT2613520.CTID", "ct2613520" );
 Présente : user_pref("CT2613520.CurrentSe​rverDate", "4-2-2012" );
 Présente : user_pref("CT2613520.DialogsAl​ignMode", "LTR" );
 Présente : user_pref("CT2613520.DialogsGe​tterLastCheckTime", "Sat Feb 04 2012 13:35:58 GMT+0100" );
 Présente : user_pref("CT2613520.DownloadR​eferralCookieData", "" );
 Présente : user_pref("CT2613520.EMailNoti​fierPollDate", "Sat Feb 04 2012 19:31:23 GMT+0100" );
 Présente : user_pref("CT2613520.FirstServ​erDate", "4-12-2010" );
 Présente : user_pref("CT2613520.FirstTime​", true);
 Présente : user_pref("CT2613520.FirstTime​FF3", true);
 Présente : user_pref("CT2613520.FirstTime​SettingsDone", true);
 Présente : user_pref("CT2613520.FixPageNo​tFoundErrors", true);
 Présente : user_pref("CT2613520.GroupingS​erverCheckInterval", 1440);
 Présente : user_pref("CT2613520.GroupingS​erviceUrl", "hxxp://grouping.services.cond​uit.com/" );
 Présente : user_pref("CT2613520.HasUserGl​obalKeys", true);
 Présente : user_pref("CT2613520.Initializ​e", true);
 Présente : user_pref("CT2613520.Initializ​eCommonPrefs", true);
 Présente : user_pref("CT2613520.Installat​ionAndCookieDataSentCount", 3);
 Présente : user_pref("CT2613520.Installat​ionType", "UnknownIntegration" );
 Présente : user_pref("CT2613520.Installed​Date", "Sat Dec 04 2010 11:44:19 GMT+0100" );
 Présente : user_pref("CT2613520.IsAlertDB​Updated", true);
 Présente : user_pref("CT2613520.IsGroupin​g", false);
 Présente : user_pref("CT2613520.IsMultico​mmunity", false);
 Présente : user_pref("CT2613520.IsOpenTha​nkYouPage", false);
 Présente : user_pref("CT2613520.IsOpenUni​nstallPage", true);
 Présente : user_pref("CT2613520.LanguageP​ackLastCheckTime", "Sat Dec 04 2010 11:44:44 GMT+0100" );
 Présente : user_pref("CT2613520.LanguageP​ackReloadIntervalMM", 1440);
 Présente : user_pref("CT2613520.LanguageP​ackServiceUrl", "hxxp://translation.users.cond​uit.com/Translation.ashx[...]
 Présente : user_pref("CT2613520.LastLogin​_2.7.1.3", "Sat Dec 04 2010 11:44:44 GMT+0100" );
 Présente : user_pref("CT2613520.LastLogin​_3.3.3.2", "Wed Jun 15 2011 23:24:35 GMT+0200" );
 Présente : user_pref("CT2613520.LastLogin​_3.5.0.12", "Tue Aug 16 2011 15:02:57 GMT+0200" );
 Présente : user_pref("CT2613520.LastLogin​_3.6.0.10", "Sun Sep 18 2011 18:15:15 GMT+0200" );
 Présente : user_pref("CT2613520.LastLogin​_3.8.0.8", "Wed Nov 30 2011 14:45:11 GMT+0100" );
 Présente : user_pref("CT2613520.LastLogin​_3.9.0.3", "Sat Feb 04 2012 18:05:11 GMT+0100" );
 Présente : user_pref("CT2613520.LatestVer​sion", "3.9.0.3" );
 Présente : user_pref("CT2613520.Locale", "fr-fr" );
 Présente : user_pref("CT2613520.LoginCach​e", 4);
 Présente : user_pref("CT2613520.MCDetectT​ooltipHeight", "83" );
 Présente : user_pref("CT2613520.MCDetectT​ooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank​/tooltip/?version=1" );
 Présente : user_pref("CT2613520.MCDetectT​ooltipWidth", "295" );
 Présente : user_pref("CT2613520.MyStuffEn​abledAtInstallation", false);
 Présente : user_pref("CT2613520.RadioIsPo​dcast", false);
 Présente : user_pref("CT2613520.RadioMedi​aID", "9962" );
 Présente : user_pref("CT2613520.RadioMedi​aType", "Media Player" );
 Présente : user_pref("CT2613520.RadioMenu​SelectedID", "EBRadioMenu_CT26135209962" );
 Présente : user_pref("CT2613520.RadioShri​nkedFromSetup", false);
 Présente : user_pref("CT2613520.RadioStat​ionName", "California%20Rock" );
 Présente : user_pref("CT2613520.RadioStat​ionURL", "hxxp://feedlive.net/californi​a.asx" );
 Présente : user_pref("CT2613520.SearchEng​ine", "Recherche||hxxp://search.cond​uit.com/Results.aspx?q=UCM_SEA​RCH_[...]
 Présente : user_pref("CT2613520.SearchFro​mAddressBarIsInit", true);
 Présente : user_pref("CT2613520.SearchFro​mAddressBarUrl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT261[...]
 Présente : user_pref("CT2613520.SearchInN​ewTabEnabled", true);
 Présente : user_pref("CT2613520.SearchInN​ewTabIntervalMM", 1440);
 Présente : user_pref("CT2613520.SearchInN​ewTabServiceUrl", "hxxp://newtab.conduit-hosting​.com/newtab/?ctid=EB_T[...]
 Présente : user_pref("CT2613520.SearchInN​ewTabUsageUrl", "hxxp://usage.hosting.toolbar.​conduit-services.com/usa[...]
 Présente : user_pref("CT2613520.ServiceMa​pLastCheckTime", "Sat Feb 04 2012 19:31:19 GMT+0100" );
 Présente : user_pref("CT2613520.SettingsC​heckIntervalMin", 120);
 Présente : user_pref("CT2613520.SettingsL​astCheckTime", "Sat Dec 04 2010 11:44:15 GMT+0100" );
 Présente : user_pref("CT2613520.SettingsL​astUpdate", "1291277758" );
 Présente : user_pref("CT2613520.ThirdPart​yComponentsInterval", 504);
 Présente : user_pref("CT2613520.ThirdPart​yComponentsLastCheck", "Sat Dec 04 2010 11:44:12 GMT+0100" );
 Présente : user_pref("CT2613520.ThirdPart​yComponentsLastUpdate", "1255348267" );
 Présente : user_pref("CT2613520.ToolbarSh​rinkedFromSetup", false);
 Présente : user_pref("CT2613520.TrusteLin​kUrl", "hxxp://trust.conduit.com/CT26​13520" );
 Présente : user_pref("CT2613520.TrustedAp​iDomains", "conduit.com,conduit-hosting.c​om,conduit-services.com,clien[...]
 Présente : user_pref("CT2613520.UserID", "UN85374177174184363" );
 Présente : user_pref("CT2613520.WeatherNe​twork", "" );
 Présente : user_pref("CT2613520.WeatherPo​llDate", "Sat Feb 04 2012 19:10:49 GMT+0100" );
 Présente : user_pref("CT2613520.WeatherUn​it", "C" );
 Présente : user_pref("CT2613520.alertChan​nelId", "1006317" );
 Présente : user_pref("CT2613520.clientLog​IsEnabled", false);
 Présente : user_pref("CT2613520.clientLog​ServiceUrl", "hxxp://clientlog.users.condui​t.com/ClientDiagnostics.asm[...]
 Présente : user_pref("CT2613520.component​s.1000082", true);
 Présente : user_pref("CT2613520.component​s.1000234", true);
 Présente : user_pref("CT2613520.ct2613520​.AppTrackingLastCheckTime", "Sun Nov 20 2011 23:19:17 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.DialogsAlignMode", "LTR" );
 Présente : user_pref("CT2613520.ct2613520​.FirstTimeSettingsDone", true);
 Présente : user_pref("CT2613520.ct2613520​.InvalidateCache", false);
 Présente : user_pref("CT2613520.ct2613520​.LanguagePackLastCheckTime", "Sat Feb 04 2012 13:35:58 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.Locale", "fr-fr" );
 Présente : user_pref("CT2613520.ct2613520​.RadioLastCheckTime", "Sat Feb 04 2012 13:35:44 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.RadioLastUpdateIPServer", "3" );
 Présente : user_pref("CT2613520.ct2613520​.RadioLastUpdateServer", "0" );
 Présente : user_pref("CT2613520.ct2613520​.SearchEngine", "Recherche||hxxp://search.cond​uit.com/Results.aspx?q=U[...]
 Présente : user_pref("CT2613520.ct2613520​.SearchInNewTabLastCheckTime", "Sat Feb 04 2012 13:35:43 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.SettingsCheckIntervalMin", 120);
 Présente : user_pref("CT2613520.ct2613520​.SettingsLastCheckTime", "Sat Feb 04 2012 18:05:01 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.SettingsLastUpdate", "1321973221" );
 Présente : user_pref("CT2613520.ct2613520​.ThirdPartyComponentsLastCheck​", "Sun Jan 22 2012 21:57:00 GMT+0100" );
 Présente : user_pref("CT2613520.ct2613520​.ThirdPartyComponentsLastUpdat​e", "1255348267" );
 Présente : user_pref("CT2613520.ct2613520​.globalFirstTimeInfoLastCheckT​ime", "Sat Feb 04 2012 13:35:58 GMT+0100[...]
 Présente : user_pref("CT2613520.ct2613520​.toolbarAppMetaDataLastCheckTi​me", "Sat Feb 04 2012 13:35:58 GMT+0100"[...]
 Présente : user_pref("CT2613520.ct2613520​.toolbarContextMenuLastCheckTi​me", "Sun Jan 22 2012 21:57:09 GMT+0100"[...]
 Présente : user_pref("CT2613520.generalCo​nfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"So​cialDomains\":\"social.c[...]
 Présente : user_pref("CT2613520.homepageP​rotectorEnableByLogin", true);
 Présente : user_pref("CT2613520.initDone"​, true);
 Présente : user_pref("CT2613520.isAppTrac​kingManagerOn", true);
 Présente : user_pref("CT2613520.isFirstRa​dioInstallation", false);
 Présente : user_pref("CT2613520.myStuffEn​abled", true);
 Présente : user_pref("CT2613520.myStuffPu​blihserMinWidth", 400);
 Présente : user_pref("CT2613520.myStuffSe​archUrl", "hxxp://Apps.conduit.com/searc​h?q=SEARCH_TERM&SearchSourceOr[...]
 Présente : user_pref("CT2613520.myStuffSe​rviceIntervalMM", 1440);
 Présente : user_pref("CT2613520.myStuffSe​rviceUrl", "hxxp://mystuff.conduit-servic​es.com/MyStuffService.ashx?Co[...]
 Présente : user_pref("CT2613520.oldAppsLi​st", "129171058074716794,1291710580​74873045,111,12917105807502929​6,129[...]
 Présente : user_pref("CT2613520.revertSet​tingsEnabled", true);
 Présente : user_pref("CT2613520.searchPro​tectorDialogDelayInSec", 10);
 Présente : user_pref("CT2613520.searchPro​tectorEnableByLogin", true);
 Présente : user_pref("CT2613520.testingCt​id", "" );
 Présente : user_pref("CT2613520.uninstall​LogServiceUrl", "hxxp://uninstall.users.condui​t.com/Uninstall.asmx/Reg[...]
 Présente : user_pref("CT2613520.usagesFla​g", 2);
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://Settings.toolbar.sea​rch.conduit.com/root/ct2613520​/CT2613520[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://appsmetadata.toolbar​.conduit-services.com/?ctid=ct​2613520", [...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Got​tenApps&lo[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Oth​erApps&loc[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Sha​redApps&lo[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Too​lbar&local[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.alert​.conduit-services.com/alert/dl​g.pkg", "\[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.engin​e.conduit-services.com/DLG.pkg​?ver=3.3.3[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.3.[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.5.[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.6.[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.8.[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.9.[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://servicemap.conduit-s​ervices.com/Toolbar/?ownerId=C​T2613520",[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://settings.engine.cond​uit-services.com/?browser=FF&l​ut=0", "63[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://settings.engine.cond​uit-services.com/?browser=FF&l​ut=3/13/20[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://settings.toolbar.con​duit-services.com/?ctid=ct2613​520&octid=[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://settings.toolbar.sea​rch.conduit.com/root/ct2613520​/CT2613520[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://storage.conduit.com/​20/261/CT2613520/Images/634084​9620311100[...]
 Présente : user_pref("CommunityToolbar.ET​ag.hxxp://translation.toolbar.​conduit-services.com/?locale=f​r-fr", "\"[...]
 Présente : user_pref("CommunityToolbar.En​gineOwner", "" );
 Présente : user_pref("CommunityToolbar.En​gineOwnerGuid", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}" );
 Présente : user_pref("CommunityToolbar.En​gineOwnerToolbarId", "protection_zonealarm" );
 Présente : user_pref("CommunityToolbar.Is​EngineShown", true);
 Présente : user_pref("CommunityToolbar.Is​MyStuffImportedToEngine", true);
 Présente : user_pref("CommunityToolbar.La​testLibsPath", "file:///C:\\Documents and Settings\\Shot\\Application [...]
 Présente : user_pref("CommunityToolbar.La​testToolbarVersionInstalled", "3.9.0.3" );
 Présente : user_pref("CommunityToolbar.Or​iginalEngineOwner", "CT2613520" );
 Présente : user_pref("CommunityToolbar.Or​iginalEngineOwnerGuid", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}" );
 Présente : user_pref("CommunityToolbar.Or​iginalEngineOwnerToolbarId", "protection_zonealarm" );
 Présente : user_pref("CommunityToolbar.Se​archFromAddressBarSavedUrl", "chrome://browser-region/local​e/region.pr[...]
 Présente : user_pref("CommunityToolbar.To​olbarsList", "CT2613520" );
 Présente : user_pref("CommunityToolbar.To​olbarsList2", "CT2613520" );
 Présente : user_pref("CommunityToolbar.al​ert.alertDialogsGetterLastChec​kTime", "Sun Jun 12 2011 18:04:52 GMT+02[...]
 Présente : user_pref("CommunityToolbar.al​ert.clientsServerUrl", "hxxp://alert.client.conduit.c​om" );
 Présente : user_pref("CommunityToolbar.al​ert.locale", "en" );
 Présente : user_pref("CommunityToolbar.al​ert.loginIntervalMin", 1440);
 Présente : user_pref("CommunityToolbar.al​ert.loginLastCheckTime", "Wed Jun 15 2011 23:24:24 GMT+0200" );
 Présente : user_pref("CommunityToolbar.al​ert.loginLastUpdateTime", "1305622559" );
 Présente : user_pref("CommunityToolbar.al​ert.messageShowTimeSec", 20);
 Présente : user_pref("CommunityToolbar.al​ert.servicesServerUrl", "hxxp://alert.services.conduit​.com" );
 Présente : user_pref("CommunityToolbar.al​ert.showTrayIcon", false);
 Présente : user_pref("CommunityToolbar.al​ert.userCloseIntervalMin", 300);
 Présente : user_pref("CommunityToolbar.al​ert.userId", "b9378b7a-b189-4b06-9591-2f352​f8be56a" );
 Présente : user_pref("CommunityToolbar.fa​cebook.settingsLastCheckTime", "Sat Feb 04 2012 13:35:43 GMT+0100" );
 Présente : user_pref("CommunityToolbar.gl​obalUserId", "910c11df-8759-4e70-9171-56888​80c25e1" );
 Présente : user_pref("CommunityToolbar.is​AlertUrlAddedToFeedItemTable", true);
 Présente : user_pref("CommunityToolbar.is​ClickActionAddedToFeedItemTabl​e", true);
 Présente : user_pref("CommunityToolbar.ke​ywordURLSelectedCTID", "CT2613520" );
 Présente : user_pref("CommunityToolbar.ki​lledEngine", true);
 Présente : user_pref("CommunityToolbar.no​tifications.alertDialogsGetter​LastCheckTime", "Sat Feb 04 2012 13:35:4[...]
 Présente : user_pref("CommunityToolbar.no​tifications.clientsServerUrl", "hxxp://alert.client.conduit.c​om" );
 Présente : user_pref("CommunityToolbar.no​tifications.locale", "en" );
 Présente : user_pref("CommunityToolbar.no​tifications.loginIntervalMin", 1440);
 Présente : user_pref("CommunityToolbar.no​tifications.loginLastCheckTime​", "Sat Feb 04 2012 13:35:37 GMT+0100" );
 Présente : user_pref("CommunityToolbar.no​tifications.loginLastUpdateTim​e", "1313487611" );
 Présente : user_pref("CommunityToolbar.no​tifications.messageShowTimeSec​", 20);
 Présente : user_pref("CommunityToolbar.no​tifications.servicesServerUrl"​, "hxxp://alert.services.conduit​.com" );
 Présente : user_pref("CommunityToolbar.no​tifications.showTrayIcon", false);
 Présente : user_pref("CommunityToolbar.no​tifications.userCloseIntervalM​in", 300);
 Présente : user_pref("CommunityToolbar.no​tifications.userId", "55152212-b1a7-4ea4-92b8-4e149​3efb259" );
 Présente : user_pref("CommunityToolbar.un​defined", "" );
 Présente : user_pref("browser.search.defa​ultengine", "Ask.com" );
 Présente : user_pref("browser.search.defa​ultenginename", "Ask.com" );
 Présente : user_pref("browser.search.defa​ultthis.engineName", "Protection ZoneAlarm Customized Web Search" );
 Présente : user_pref("browser.search.defa​ulturl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT2613520&Se​a[...]
 Présente : user_pref("browser.search.orde​r.1", "Ask.com" );
 Présente : user_pref("browser.search.sele​ctedEngine", "Ask.com" );
 Présente : user_pref("extensions.asktb.Av​iraIDW-TS", "1321827558696" );
 Présente : user_pref("extensions.asktb.Av​iraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<butto​n xm[...]
 Présente : user_pref("extensions.asktb.In​stallDir", "C:\\Program Files\\Ask.com\\" );
 Présente : user_pref("extensions.asktb.cb​id", "JM" );
 Présente : user_pref("extensions.asktb.co​nfig-updated", false);
 Présente : user_pref("extensions.asktb.cr​umb", "2011.09.05+23.31.33-toolbar01​3iad-FR-T3JsZWFucyxGcmFuY2U%3D​" );
 Présente : user_pref("extensions.asktb.de​fault-channel-url-mask", "hxxp://fr.ask.com/web?q={quer​y}&qsrc={qsrc}&[...]
 Présente : user_pref("extensions.asktb.dt​id", "YYYYYYYYFR" );
 Présente : user_pref("extensions.asktb.ff​-original-keyword-url", "hxxp://search.conduit.com/Res​ultsExt.aspx?cti[...]
 Présente : user_pref("extensions.asktb.fi​rst-launch", true);
 Présente : user_pref("extensions.asktb.fi​rst-restart-after-config-updat​e", true);
 Présente : user_pref("extensions.asktb.fr​esh-install", false);
 Présente : user_pref("extensions.asktb.gu​id", "ad83e039-934e-487a-9d47-97831​3027abd" );
 Présente : user_pref("extensions.asktb.hx​xp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.c​om\", \"ask.com[...]
 Présente : user_pref("extensions.asktb.if​", "first" );
 Présente : user_pref("extensions.asktb.l"​, "dis" );
 Présente : user_pref("extensions.asktb.la​st-config-req", "1328566610163" );
 Présente : user_pref("extensions.asktb.la​st-v", "3.13.2.100010" );
 Présente : user_pref("extensions.asktb.lo​cale", "fr_FR" );
 Présente : user_pref("extensions.asktb.lo​cation", "Orleans,France" );
 Présente : user_pref("extensions.asktb.no​tification-shown", true);
 Présente : user_pref("extensions.asktb.o"​, "100000080" );
 Présente : user_pref("extensions.asktb.ov​erlay-reloaded-using-restart", true);
 Présente : user_pref("extensions.asktb.qs​rc", "2871" );
 Présente : user_pref("extensions.asktb.r"​, "2" );
 Présente : user_pref("extensions.asktb.sa​", "YES" );
 Présente : user_pref("extensions.asktb.sa​guid", "C05D03B6-DF8C-4D89-B2B8-69589​4DDB2B7" );
 Présente : user_pref("extensions.asktb.se​arch-suggestions-enabled", true);
 Présente : user_pref("extensions.asktb.si​lent-upgrade", true);
 Présente : user_pref("extensions.asktb.si​lent-upgrade-from-pre-newtabs-​build", false);
 Présente : user_pref("extensions.asktb.th​emeid", "" );
 Présente : user_pref("extensions.asktb.to​", "" );
 Présente : user_pref("extensions.asktb.v"​, "3.14.1.100010" );
 Présente : user_pref("extensions.enabledA​ddons", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}:3.9.0.3,toolbar@ask.​co[...]
 Présente : user_pref("keyword.URL", "hxxp://websearch.ask.com/redi​rect?client=ff&src=kw&tb=AVR-W​1&o=100000080&l[...]

 Profil : oe9kawho.default
 Fichier : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​oe9kawho.default\prefs.js

 [OK] Le fichier ne contient aucune entrée illégitime.

 *************************

 AdwCleaner[R1].txt - [24461 octets] - [06/02/2012 23:34:35]

 ########## EOF - C:\AdwCleaner[R1].txt - [24590 octets] ##########


(Publicité)
n°543398
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/02/2012 à 00:01:19  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
...

 Fais ce qui suit, dans l'ordre (merci de respecter cet ordre) :

 1/ Relance AdwCleaner et choisis l’option « Suppression ».

 Poste le rapport.

 -----
 2/ Télécharge AD-R (de Cyrildu17 / C_XX) sur ton Bureau.

 !! Déconnecte-toi du net et ferme toutes applications en cours !!

 Double-clique sur le programme d'installation ; laisse-le
 s’installer par défaut (C:\Program files).

 Double-clique sur l'icône AD-Remover située sur ton Bureau.

 Au menu principal, choisis l'option « Nettoyer ».

 L’outil débute le nettoyage … Laisse-le travailler !

 Le scan achevé, une fenêtre va s’afficher.
 Poste (copie-colle) le rapport qui apparaît à la fin.

 (tu trouveras aussi le rapport sous C:\Ad-report(date).log)

 Note : "Process.exe", une composante de l'outil peut être
 détecté par certains antivirus comme une infection ; donc, ne pas en tenir compte : il s'agit

 -----
 Une fois cela achevé, tu pourras lancer Malwarebytes ...

n°543399
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 00:19:17  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

 

kmisol a écrit :

...

 Fais ce qui suit, dans l'ordre (merci de respecter cet ordre) :

 1/ Relance AdwCleaner et choisis l’option « Suppression ».

 Poste le rapport.

 -----
 2/ Télécharge AD-R (de Cyrildu17 / C_XX) sur ton Bureau.

 !! Déconnecte-toi du net et ferme toutes applications en cours !!

 Double-clique sur le programme d'installation ; laisse-le
 s’installer par défaut (C:\Program files).

 Double-clique sur l'icône AD-Remover située sur ton Bureau.

 Au menu principal, choisis l'option « Nettoyer ».

 L’outil débute le nettoyage … Laisse-le travailler !

 Le scan achevé, une fenêtre va s’afficher.
 Poste (copie-colle) le rapport qui apparaît à la fin.

 (tu trouveras aussi le rapport sous C:\Ad-report(date).log)

 Note : "Process.exe", une composante de l'outil peut être
 détecté par certains antivirus comme une infection ; donc, ne pas en tenir compte : il s'agit

 -----
 Une fois cela achevé, tu pourras lancer Malwarebytes ...
 




 ----------------------- Ci joint la partie 1 à noter l'outil m'a déactiver la protection web de mon antivirus Avira Antivir V12.0.0.190 ------------

 # AdwCleaner v1.408 - Rapport créé le 07/02/2012 à 00:02:59
 # Mis à jour le 29/01/2012 par Xplode
 # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
 # Nom d'utilisateur : Shot - SN012345678912 (Administrateur)
 # Exécuté depuis : C:\Documents and Settings\Shot\Bureau\adwcleane​r.exe
 # Option [Suppression]


 ***** [Services] *****


 ***** [Fichiers / Dossiers] *****

 Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Viewpoint
 Dossier Supprimé : C:\Documents and Settings\Shot\Application Data\AskToolbar
 Dossier Supprimé : C:\Documents and Settings\Shot\Application Data\Mozilla\Extensions\{ec803​0f7-c20a-464f-9b0e-13a3a9e9738​4}
 Dossier Supprimé : C:\Documents and Settings\Shot\Local Settings\Application Data\AskToolbar
 Dossier Supprimé : C:\Documents and Settings\Shot\Local Settings\Application Data\Conduit
 Dossier Supprimé : C:\Program Files\Ask.com
 Dossier Supprimé : C:\Program Files\Conduit
 Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A​-ABED-442A-BE86-96357B70F4FE}
 Dossier Supprimé : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\ConduitCommon
 Dossier Supprimé : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\extensions\to​olbar@ask.com
 Fichier Supprimé : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 Fichier Supprimé : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\Askcom.xml
 Fichier Supprimé : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\searchplugins​\Conduit.xml

 ***** [Registre] *****

 

  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.​CT2613520
Clé Supprimée : HKCU\Toolbar
 Clé Supprimée : HKCU\Software\Ask.com
 Clé Supprimée : HKCU\Software\AskToolbar
 Clé Supprimée : HKCU\Software\APN
 Clé Supprimée : HKCU\Software\Conduit
 Clé Supprimée : HKCU\Software\ConduitSearchSco​pes
 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\Conduit
 Clé Supprimée : HKLM\SOFTWARE\AskToolbar
 Clé Supprimée : HKLM\SOFTWARE\APN
 Clé Supprimée : HKLM\SOFTWARE\Conduit
 Clé Supprimée : HKLM\SOFTWARE\ItsLabel
 Clé Supprimée : HKLM\SOFTWARE\MetaStream
 Clé Supprimée : HKLM\SOFTWARE\Orbit\OpenCandy
 Clé Supprimée : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd
 Clé Supprimée : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Ge​nericAskToolbar.DLL
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\So​ftwareUpdate.exe
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9​B0CB95C-933A-4B8C-B6D4-EDCD19A​43874}
 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3​c471948-f874-49f5-b338-4f214a2​ee0b1}
 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0​0000000-6E41-4FD3-8538-502F549​5E5FC}
 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Installe​r\Products\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Supprimée : HKLM\SOFTWARE\Classes\Installe​r\Features\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\RFC115​6Agent
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Installer\Use​rData\S-1-5-18\Products\A28B4D​68DEBAA244EB686953B7074FEF
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\System​Certificates\AuthRoot\Certific​ates\2796BAE63F1801E277261BA0D​77770028F20EEE4
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\System​Certificates\AuthRoot\Certific​ates\DE28F4A4FFE5B92FA3C503D1A​349A7F9962A8212
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{6C434537-053E-486D-B62A-160​059D9D456}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{91CF619A-4686-4CA4-9232-3B2​E6B63AA92}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{AC71B60E-94C9-4EDE-BA46-E14​6747BB67E}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{2996F0E7-292B-4CAE-893F-47B8B​1C05B56}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3​-A498-00104B6EB52E}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6​-BFB6-AD540AD427CD}
 Clé Supprimée : HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{afdbdda​a-5d3f-42ee-b79c-185a7020515b}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{D4027C7F-154A-4066-A1AD-4243D​8127440}
 Clé Supprimée : HKCU\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\{86​D4B82A-ABED-442A-BE86-96357B70​F4FE}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s NT\CurrentVersion\Image File Execution Options\setup.exe
 Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@​viewpoint.com/VMP
 Valeur Supprimée : HKCU\Software\Microsoft\Intern​et Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5​495E5FC}]
 Valeur Supprimée : HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D​8127440}]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D​8127440}]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Run [ApnUpdater]

 ***** [Navigateurs] *****

 -\\ Internet Explorer v8.0.6001.18702

 Remplacé : [HKCU\Software\Microsoft\Intern​et Explorer\Main - Start Page] = hxxp://search.conduit.com?Sear​chSource=10&ctid=CT2613520 --> hxxp://www.google.fr

 -\\ Mozilla Firefox v3.6.8 (fr)

 Profil : 8lrhl7pf.default
 Fichier : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\prefs.js

 Supprimée : user_pref("CT2613520..clientLo​gIsEnabled", true);
 Supprimée : user_pref("CT2613520..clientLo​gServiceUrl", "hxxp://clientlog.users.condui​t.com/ClientDiagnostics.as[...]
 Supprimée : user_pref("CT2613520..uninstal​lLogServiceUrl", "hxxp://uninstall.users.condui​t.com/Uninstall.asmx/Re[...]
 Supprimée : user_pref("CT2613520.ALLOW_SHO​WING_HIDDEN_TOOLBAR", false);
 Supprimée : user_pref("CT2613520.AboutPriv​acyUrl", "hxxp://www.conduit.com/privac​y/Default.aspx" );
 Supprimée : user_pref("CT2613520.CTID", "ct2613520" );
 Supprimée : user_pref("CT2613520.CurrentSe​rverDate", "4-2-2012" );
 Supprimée : user_pref("CT2613520.DialogsAl​ignMode", "LTR" );
 Supprimée : user_pref("CT2613520.DialogsGe​tterLastCheckTime", "Sat Feb 04 2012 13:35:58 GMT+0100" );
 Supprimée : user_pref("CT2613520.DownloadR​eferralCookieData", "" );
 Supprimée : user_pref("CT2613520.EMailNoti​fierPollDate", "Sat Feb 04 2012 19:31:23 GMT+0100" );
 Supprimée : user_pref("CT2613520.FirstServ​erDate", "4-12-2010" );
 Supprimée : user_pref("CT2613520.FirstTime​", true);
 Supprimée : user_pref("CT2613520.FirstTime​FF3", true);
 Supprimée : user_pref("CT2613520.FirstTime​SettingsDone", true);
 Supprimée : user_pref("CT2613520.FixPageNo​tFoundErrors", true);
 Supprimée : user_pref("CT2613520.GroupingS​erverCheckInterval", 1440);
 Supprimée : user_pref("CT2613520.GroupingS​erviceUrl", "hxxp://grouping.services.cond​uit.com/" );
 Supprimée : user_pref("CT2613520.HasUserGl​obalKeys", true);
 Supprimée : user_pref("CT2613520.Initializ​e", true);
 Supprimée : user_pref("CT2613520.Initializ​eCommonPrefs", true);
 Supprimée : user_pref("CT2613520.Installat​ionAndCookieDataSentCount", 3);
 Supprimée : user_pref("CT2613520.Installat​ionType", "UnknownIntegration" );
 Supprimée : user_pref("CT2613520.Installed​Date", "Sat Dec 04 2010 11:44:19 GMT+0100" );
 Supprimée : user_pref("CT2613520.IsAlertDB​Updated", true);
 Supprimée : user_pref("CT2613520.IsGroupin​g", false);
 Supprimée : user_pref("CT2613520.IsMultico​mmunity", false);
 Supprimée : user_pref("CT2613520.IsOpenTha​nkYouPage", false);
 Supprimée : user_pref("CT2613520.IsOpenUni​nstallPage", true);
 Supprimée : user_pref("CT2613520.LanguageP​ackLastCheckTime", "Sat Dec 04 2010 11:44:44 GMT+0100" );
 Supprimée : user_pref("CT2613520.LanguageP​ackReloadIntervalMM", 1440);
 Supprimée : user_pref("CT2613520.LanguageP​ackServiceUrl", "hxxp://translation.users.cond​uit.com/Translation.ashx[...]
 Supprimée : user_pref("CT2613520.LastLogin​_2.7.1.3", "Sat Dec 04 2010 11:44:44 GMT+0100" );
 Supprimée : user_pref("CT2613520.LastLogin​_3.3.3.2", "Wed Jun 15 2011 23:24:35 GMT+0200" );
 Supprimée : user_pref("CT2613520.LastLogin​_3.5.0.12", "Tue Aug 16 2011 15:02:57 GMT+0200" );
 Supprimée : user_pref("CT2613520.LastLogin​_3.6.0.10", "Sun Sep 18 2011 18:15:15 GMT+0200" );
 Supprimée : user_pref("CT2613520.LastLogin​_3.8.0.8", "Wed Nov 30 2011 14:45:11 GMT+0100" );
 Supprimée : user_pref("CT2613520.LastLogin​_3.9.0.3", "Sat Feb 04 2012 18:05:11 GMT+0100" );
 Supprimée : user_pref("CT2613520.LatestVer​sion", "3.9.0.3" );
 Supprimée : user_pref("CT2613520.Locale", "fr-fr" );
 Supprimée : user_pref("CT2613520.LoginCach​e", 4);
 Supprimée : user_pref("CT2613520.MCDetectT​ooltipHeight", "83" );
 Supprimée : user_pref("CT2613520.MCDetectT​ooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank​/tooltip/?version=1" );
 Supprimée : user_pref("CT2613520.MCDetectT​ooltipWidth", "295" );
 Supprimée : user_pref("CT2613520.MyStuffEn​abledAtInstallation", false);
 Supprimée : user_pref("CT2613520.RadioIsPo​dcast", false);
 Supprimée : user_pref("CT2613520.RadioMedi​aID", "9962" );
 Supprimée : user_pref("CT2613520.RadioMedi​aType", "Media Player" );
 Supprimée : user_pref("CT2613520.RadioMenu​SelectedID", "EBRadioMenu_CT26135209962" );
 Supprimée : user_pref("CT2613520.RadioShri​nkedFromSetup", false);
 Supprimée : user_pref("CT2613520.RadioStat​ionName", "California%20Rock" );
 Supprimée : user_pref("CT2613520.RadioStat​ionURL", "hxxp://feedlive.net/californi​a.asx" );
 Supprimée : user_pref("CT2613520.SearchEng​ine", "Recherche||hxxp://search.cond​uit.com/Results.aspx?q=UCM_SEA​RCH_[...]
 Supprimée : user_pref("CT2613520.SearchFro​mAddressBarIsInit", true);
 Supprimée : user_pref("CT2613520.SearchFro​mAddressBarUrl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT261[...]
 Supprimée : user_pref("CT2613520.SearchInN​ewTabEnabled", true);
 Supprimée : user_pref("CT2613520.SearchInN​ewTabIntervalMM", 1440);
 Supprimée : user_pref("CT2613520.SearchInN​ewTabServiceUrl", "hxxp://newtab.conduit-hosting​.com/newtab/?ctid=EB_T[...]
 Supprimée : user_pref("CT2613520.SearchInN​ewTabUsageUrl", "hxxp://usage.hosting.toolbar.​conduit-services.com/usa[...]
 Supprimée : user_pref("CT2613520.ServiceMa​pLastCheckTime", "Sat Feb 04 2012 19:31:19 GMT+0100" );
 Supprimée : user_pref("CT2613520.SettingsC​heckIntervalMin", 120);
 Supprimée : user_pref("CT2613520.SettingsL​astCheckTime", "Sat Dec 04 2010 11:44:15 GMT+0100" );
 Supprimée : user_pref("CT2613520.SettingsL​astUpdate", "1291277758" );
 Supprimée : user_pref("CT2613520.ThirdPart​yComponentsInterval", 504);
 Supprimée : user_pref("CT2613520.ThirdPart​yComponentsLastCheck", "Sat Dec 04 2010 11:44:12 GMT+0100" );
 Supprimée : user_pref("CT2613520.ThirdPart​yComponentsLastUpdate", "1255348267" );
 Supprimée : user_pref("CT2613520.ToolbarSh​rinkedFromSetup", false);
 Supprimée : user_pref("CT2613520.TrusteLin​kUrl", "hxxp://trust.conduit.com/CT26​13520" );
 Supprimée : user_pref("CT2613520.TrustedAp​iDomains", "conduit.com,conduit-hosting.c​om,conduit-services.com,clien[...]
 Supprimée : user_pref("CT2613520.UserID", "UN85374177174184363" );
 Supprimée : user_pref("CT2613520.WeatherNe​twork", "" );
 Supprimée : user_pref("CT2613520.WeatherPo​llDate", "Sat Feb 04 2012 19:10:49 GMT+0100" );
 Supprimée : user_pref("CT2613520.WeatherUn​it", "C" );
 Supprimée : user_pref("CT2613520.alertChan​nelId", "1006317" );
 Supprimée : user_pref("CT2613520.clientLog​IsEnabled", false);
 Supprimée : user_pref("CT2613520.clientLog​ServiceUrl", "hxxp://clientlog.users.condui​t.com/ClientDiagnostics.asm[...]
 Supprimée : user_pref("CT2613520.component​s.1000082", true);
 Supprimée : user_pref("CT2613520.component​s.1000234", true);
 Supprimée : user_pref("CT2613520.ct2613520​.AppTrackingLastCheckTime", "Sun Nov 20 2011 23:19:17 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.DialogsAlignMode", "LTR" );
 Supprimée : user_pref("CT2613520.ct2613520​.FirstTimeSettingsDone", true);
 Supprimée : user_pref("CT2613520.ct2613520​.InvalidateCache", false);
 Supprimée : user_pref("CT2613520.ct2613520​.LanguagePackLastCheckTime", "Sat Feb 04 2012 13:35:58 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.Locale", "fr-fr" );
 Supprimée : user_pref("CT2613520.ct2613520​.RadioLastCheckTime", "Sat Feb 04 2012 13:35:44 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.RadioLastUpdateIPServer", "3" );
 Supprimée : user_pref("CT2613520.ct2613520​.RadioLastUpdateServer", "0" );
 Supprimée : user_pref("CT2613520.ct2613520​.SearchEngine", "Recherche||hxxp://search.cond​uit.com/Results.aspx?q=U[...]
 Supprimée : user_pref("CT2613520.ct2613520​.SearchInNewTabLastCheckTime", "Sat Feb 04 2012 13:35:43 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.SettingsCheckIntervalMin", 120);
 Supprimée : user_pref("CT2613520.ct2613520​.SettingsLastCheckTime", "Sat Feb 04 2012 18:05:01 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.SettingsLastUpdate", "1321973221" );
 Supprimée : user_pref("CT2613520.ct2613520​.ThirdPartyComponentsLastCheck​", "Sun Jan 22 2012 21:57:00 GMT+0100" );
 Supprimée : user_pref("CT2613520.ct2613520​.ThirdPartyComponentsLastUpdat​e", "1255348267" );
 Supprimée : user_pref("CT2613520.ct2613520​.globalFirstTimeInfoLastCheckT​ime", "Sat Feb 04 2012 13:35:58 GMT+0100[...]
 Supprimée : user_pref("CT2613520.ct2613520​.toolbarAppMetaDataLastCheckTi​me", "Sat Feb 04 2012 13:35:58 GMT+0100"[...]
 Supprimée : user_pref("CT2613520.ct2613520​.toolbarContextMenuLastCheckTi​me", "Sun Jan 22 2012 21:57:09 GMT+0100"[...]
 Supprimée : user_pref("CT2613520.generalCo​nfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"So​cialDomains\":\"social.c[...]
 Supprimée : user_pref("CT2613520.homepageP​rotectorEnableByLogin", true);
 Supprimée : user_pref("CT2613520.initDone"​, true);
 Supprimée : user_pref("CT2613520.isAppTrac​kingManagerOn", true);
 Supprimée : user_pref("CT2613520.isFirstRa​dioInstallation", false);
 Supprimée : user_pref("CT2613520.myStuffEn​abled", true);
 Supprimée : user_pref("CT2613520.myStuffPu​blihserMinWidth", 400);
 Supprimée : user_pref("CT2613520.myStuffSe​archUrl", "hxxp://Apps.conduit.com/searc​h?q=SEARCH_TERM&SearchSourceOr[...]
 Supprimée : user_pref("CT2613520.myStuffSe​rviceIntervalMM", 1440);
 Supprimée : user_pref("CT2613520.myStuffSe​rviceUrl", "hxxp://mystuff.conduit-servic​es.com/MyStuffService.ashx?Co[...]
 Supprimée : user_pref("CT2613520.oldAppsLi​st", "129171058074716794,1291710580​74873045,111,12917105807502929​6,129[...]
 Supprimée : user_pref("CT2613520.revertSet​tingsEnabled", true);
 Supprimée : user_pref("CT2613520.searchPro​tectorDialogDelayInSec", 10);
 Supprimée : user_pref("CT2613520.searchPro​tectorEnableByLogin", true);
 Supprimée : user_pref("CT2613520.testingCt​id", "" );
 Supprimée : user_pref("CT2613520.uninstall​LogServiceUrl", "hxxp://uninstall.users.condui​t.com/Uninstall.asmx/Reg[...]
 Supprimée : user_pref("CT2613520.usagesFla​g", 2);
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://Settings.toolbar.sea​rch.conduit.com/root/ct2613520​/CT2613520[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://appsmetadata.toolbar​.conduit-services.com/?ctid=ct​2613520", [...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Got​tenApps&lo[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Oth​erApps&loc[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Sha​redApps&lo[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://contextmenu.toolbar.​conduit-services.com/?name=Too​lbar&local[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.alert​.conduit-services.com/alert/dl​g.pkg", "\[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.engin​e.conduit-services.com/DLG.pkg​?ver=3.3.3[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.3.[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.5.[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.6.[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.8.[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://dynamicdialogs.toolb​ar.conduit-services.com/DLG.pk​g?ver=3.9.[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://servicemap.conduit-s​ervices.com/Toolbar/?ownerId=C​T2613520",[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://settings.engine.cond​uit-services.com/?browser=FF&l​ut=0", "63[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://settings.engine.cond​uit-services.com/?browser=FF&l​ut=3/13/20[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://settings.toolbar.con​duit-services.com/?ctid=ct2613​520&octid=[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://settings.toolbar.sea​rch.conduit.com/root/ct2613520​/CT2613520[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://storage.conduit.com/​20/261/CT2613520/Images/634084​9620311100[...]
 Supprimée : user_pref("CommunityToolbar.ET​ag.hxxp://translation.toolbar.​conduit-services.com/?locale=f​r-fr", "\"[...]
 Supprimée : user_pref("CommunityToolbar.En​gineOwner", "" );
 Supprimée : user_pref("CommunityToolbar.En​gineOwnerGuid", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}" );
 Supprimée : user_pref("CommunityToolbar.En​gineOwnerToolbarId", "protection_zonealarm" );
 Supprimée : user_pref("CommunityToolbar.Is​EngineShown", true);
 Supprimée : user_pref("CommunityToolbar.Is​MyStuffImportedToEngine", true);
 Supprimée : user_pref("CommunityToolbar.La​testLibsPath", "file:///C:\\Documents and Settings\\Shot\\Application [...]
 Supprimée : user_pref("CommunityToolbar.La​testToolbarVersionInstalled", "3.9.0.3" );
 Supprimée : user_pref("CommunityToolbar.Or​iginalEngineOwner", "CT2613520" );
 Supprimée : user_pref("CommunityToolbar.Or​iginalEngineOwnerGuid", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}" );
 Supprimée : user_pref("CommunityToolbar.Or​iginalEngineOwnerToolbarId", "protection_zonealarm" );
 Supprimée : user_pref("CommunityToolbar.Se​archFromAddressBarSavedUrl", "chrome://browser-region/local​e/region.pr[...]
 Supprimée : user_pref("CommunityToolbar.To​olbarsList", "CT2613520" );
 Supprimée : user_pref("CommunityToolbar.To​olbarsList2", "CT2613520" );
 Supprimée : user_pref("CommunityToolbar.al​ert.alertDialogsGetterLastChec​kTime", "Sun Jun 12 2011 18:04:52 GMT+02[...]
 Supprimée : user_pref("CommunityToolbar.al​ert.clientsServerUrl", "hxxp://alert.client.conduit.c​om" );
 Supprimée : user_pref("CommunityToolbar.al​ert.locale", "en" );
 Supprimée : user_pref("CommunityToolbar.al​ert.loginIntervalMin", 1440);
 Supprimée : user_pref("CommunityToolbar.al​ert.loginLastCheckTime", "Wed Jun 15 2011 23:24:24 GMT+0200" );
 Supprimée : user_pref("CommunityToolbar.al​ert.loginLastUpdateTime", "1305622559" );
 Supprimée : user_pref("CommunityToolbar.al​ert.messageShowTimeSec", 20);
 Supprimée : user_pref("CommunityToolbar.al​ert.servicesServerUrl", "hxxp://alert.services.conduit​.com" );
 Supprimée : user_pref("CommunityToolbar.al​ert.showTrayIcon", false);
 Supprimée : user_pref("CommunityToolbar.al​ert.userCloseIntervalMin", 300);
 Supprimée : user_pref("CommunityToolbar.al​ert.userId", "b9378b7a-b189-4b06-9591-2f352​f8be56a" );
 Supprimée : user_pref("CommunityToolbar.fa​cebook.settingsLastCheckTime", "Sat Feb 04 2012 13:35:43 GMT+0100" );
 Supprimée : user_pref("CommunityToolbar.gl​obalUserId", "910c11df-8759-4e70-9171-56888​80c25e1" );
 Supprimée : user_pref("CommunityToolbar.is​AlertUrlAddedToFeedItemTable", true);
 Supprimée : user_pref("CommunityToolbar.is​ClickActionAddedToFeedItemTabl​e", true);
 Supprimée : user_pref("CommunityToolbar.ke​ywordURLSelectedCTID", "CT2613520" );
 Supprimée : user_pref("CommunityToolbar.ki​lledEngine", true);
 Supprimée : user_pref("CommunityToolbar.no​tifications.alertDialogsGetter​LastCheckTime", "Sat Feb 04 2012 13:35:4[...]
 Supprimée : user_pref("CommunityToolbar.no​tifications.clientsServerUrl", "hxxp://alert.client.conduit.c​om" );
 Supprimée : user_pref("CommunityToolbar.no​tifications.locale", "en" );
 Supprimée : user_pref("CommunityToolbar.no​tifications.loginIntervalMin", 1440);
 Supprimée : user_pref("CommunityToolbar.no​tifications.loginLastCheckTime​", "Sat Feb 04 2012 13:35:37 GMT+0100" );
 Supprimée : user_pref("CommunityToolbar.no​tifications.loginLastUpdateTim​e", "1313487611" );
 Supprimée : user_pref("CommunityToolbar.no​tifications.messageShowTimeSec​", 20);
 Supprimée : user_pref("CommunityToolbar.no​tifications.servicesServerUrl"​, "hxxp://alert.services.conduit​.com" );
 Supprimée : user_pref("CommunityToolbar.no​tifications.showTrayIcon", false);
 Supprimée : user_pref("CommunityToolbar.no​tifications.userCloseIntervalM​in", 300);
 Supprimée : user_pref("CommunityToolbar.no​tifications.userId", "55152212-b1a7-4ea4-92b8-4e149​3efb259" );
 Supprimée : user_pref("CommunityToolbar.un​defined", "" );
 Supprimée : user_pref("browser.search.defa​ultengine", "Ask.com" );
 Supprimée : user_pref("browser.search.defa​ultenginename", "Ask.com" );
 Supprimée : user_pref("browser.search.defa​ultthis.engineName", "Protection ZoneAlarm Customized Web Search" );
 Supprimée : user_pref("browser.search.defa​ulturl", "hxxp://search.conduit.com/Res​ultsExt.aspx?ctid=CT2613520&Se​a[...]
 Supprimée : user_pref("browser.search.orde​r.1", "Ask.com" );
 Supprimée : user_pref("browser.search.sele​ctedEngine", "Ask.com" );
 Supprimée : user_pref("extensions.asktb.Av​iraIDW-TS", "1321827558696" );
 Supprimée : user_pref("extensions.asktb.Av​iraIDW-XML", "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<butto​n xm[...]
 Supprimée : user_pref("extensions.asktb.In​stallDir", "C:\\Program Files\\Ask.com\\" );
 Supprimée : user_pref("extensions.asktb.cb​id", "JM" );
 Supprimée : user_pref("extensions.asktb.co​nfig-updated", false);
 Supprimée : user_pref("extensions.asktb.cr​umb", "2011.09.05+23.31.33-toolbar01​3iad-FR-T3JsZWFucyxGcmFuY2U%3D​" );
 Supprimée : user_pref("extensions.asktb.de​fault-channel-url-mask", "hxxp://fr.ask.com/web?q={quer​y}&qsrc={qsrc}&[...]
 Supprimée : user_pref("extensions.asktb.dt​id", "YYYYYYYYFR" );
 Supprimée : user_pref("extensions.asktb.ff​-original-keyword-url", "hxxp://search.conduit.com/Res​ultsExt.aspx?cti[...]
 Supprimée : user_pref("extensions.asktb.fi​rst-launch", true);
 Supprimée : user_pref("extensions.asktb.fi​rst-restart-after-config-updat​e", true);
 Supprimée : user_pref("extensions.asktb.fr​esh-install", false);
 Supprimée : user_pref("extensions.asktb.gu​id", "ad83e039-934e-487a-9d47-97831​3027abd" );
 Supprimée : user_pref("extensions.asktb.hx​xp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.c​om\", \"ask.com[...]
 Supprimée : user_pref("extensions.asktb.if​", "first" );
 Supprimée : user_pref("extensions.asktb.l"​, "dis" );
 Supprimée : user_pref("extensions.asktb.la​st-config-req", "1328566610163" );
 Supprimée : user_pref("extensions.asktb.la​st-v", "3.13.2.100010" );
 Supprimée : user_pref("extensions.asktb.lo​cale", "fr_FR" );
 Supprimée : user_pref("extensions.asktb.lo​cation", "Orleans,France" );
 Supprimée : user_pref("extensions.asktb.no​tification-shown", true);
 Supprimée : user_pref("extensions.asktb.o"​, "100000080" );
 Supprimée : user_pref("extensions.asktb.ov​erlay-reloaded-using-restart", true);
 Supprimée : user_pref("extensions.asktb.qs​rc", "2871" );
 Supprimée : user_pref("extensions.asktb.r"​, "2" );
 Supprimée : user_pref("extensions.asktb.sa​", "YES" );
 Supprimée : user_pref("extensions.asktb.sa​guid", "C05D03B6-DF8C-4D89-B2B8-69589​4DDB2B7" );
 Supprimée : user_pref("extensions.asktb.se​arch-suggestions-enabled", true);
 Supprimée : user_pref("extensions.asktb.si​lent-upgrade", true);
 Supprimée : user_pref("extensions.asktb.si​lent-upgrade-from-pre-newtabs-​build", false);
 Supprimée : user_pref("extensions.asktb.th​emeid", "" );
 Supprimée : user_pref("extensions.asktb.to​", "" );
 Supprimée : user_pref("extensions.asktb.v"​, "3.14.1.100010" );
 Supprimée : user_pref("extensions.enabledA​ddons", "{d7f26d0e-9801-45c3-a091-8a65​e4ed73b5}:3.9.0.3,toolbar@ask.​co[...]
 Supprimée : user_pref("keyword.URL", "hxxp://websearch.ask.com/redi​rect?client=ff&src=kw&tb=AVR-W​1&o=100000080&l[...]

 Profil : oe9kawho.default
 Fichier : C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​oe9kawho.default\prefs.js

 [OK] Le fichier ne contient aucune entrée illégitime.

 *************************

 AdwCleaner[R1].txt - [24592 octets] - [06/02/2012 23:34:35]
 AdwCleaner[S1].txt - [24837 octets] - [07/02/2012 00:02:59]

 *************************

 Dossier Temporaire : 9 dossier(s) et 39 fichier(s) supprimés

 ########## EOF - C:\AdwCleaner[S1].txt - [25059 octets] ##########

n°543400
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 00:36:53  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
--------------------- Ci après le rapport de la partie 2 ------------------

 ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 Mis à jour par TeamXscript le 12/04/11
 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
 Site web: http://www.teamxscript.org

 C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 00:27:38 le 07/02/2012, Mode normal

 Microsoft Windows XP Édition familiale Service Pack 3 (X86)
 Shot@SN012345678912 ( )
 
 ============== ACTION(S) ==============


 Dossier supprimé: C:\Documents and Settings\Utilisateur\Applicati​on Data\AskToolbar

 (!) -- Fichiers temporaires supprimés.


 -- Fichier ouvert: C:\Documents and Settings\Utilisateur\Applicati​on Data\Mozilla\FireFox\Profiles\​gfyc01vl.default\Prefs.js --
 Ligne supprimée: user_pref("browser.search.defa​ultengine", "Ask.com" );
 Ligne supprimée: user_pref("browser.search.defa​ultenginename", "Ask.com" );
 Ligne supprimée: user_pref("browser.search.orde​r.1", "Ask.com" );
 Ligne supprimée: user_pref("extensions.asktb.ff​-original-keyword-url", "hxxp://search.live.com/result​s.aspx?mkt=fr-fr...
 -- Fichier Fermé --
 

 Clé supprimée: HKLM\Software\Classes\Interfac​e\{B0D071A1-36B3-4757-A126-14C​89C56013A}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{BA57E1EF-64BD-4EB9-9648-C5A​73CBB03B9}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{B4C656C9-F2E9-4E77-B3F4-443DF​2BD778F}
 Clé supprimée: HKLM\Software\Classes\EoRezoBH​O.EoBho
 Clé supprimée: HKLM\Software\Classes\EoRezoBH​O.EoBho.1
 Clé supprimée: HKCU\Software\Toolbar
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{A010717​0-2917-4397-9100-7C5941ADFB70}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{64​F56FC1-1272-44CD-BA6E-39723696​E350}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}


 ============== SCAN ADDITIONNEL ==============

 **** Mozilla Firefox Version [3.6.8 (fr)] ****

 HKLM_MozillaPlugins\@checkpoin​t.com/FFApi (x)
 HKLM_MozillaPlugins\Adobe Reader (x)
 HKLM_MozillaPlugins\yaxmpb@yah​oo.com/YahooActiveXPluginBridg​e;version=1.0.0.1 (x)
 Searchplugins\bing.xml (    hxxp://www.bing.com/search)
 Components\browsercomps.dll (Mozilla Foundation)
 HKLM_Extensions|smartwebprinti​ng@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 HKCU_Extensions|smartwebprinti​ng@hp.com - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 -- C:\Documents and Settings\Shot\Application Data\Mozilla\FireFox\Profiles\​8lrhl7pf.default --
 Extensions\{d7f26d0e-9801-45c3​-a091-8a65e4ed73b5} (Protection ZoneAlarm Community Toolbar)
 Prefs.js - browser.download.lastDir, E:\\Travail\\Informatique\\Log​iciels\\Utilitaires\\AntiMalwa​re\\AD Remover
 Prefs.js - browser.startup.homepage, file:///E:/Travail/Informatiqu​e/Develop/FrontPage/MonSiteWeb​/index.htm|hxxp://www.infos-du​-net...
 Prefs.js - browser.startup.homepage_overr​ide.buildID, 20120129021758
 Prefs.js - browser.startup.homepage_overr​ide.mstone, rv:10.0

 -- C:\Documents and Settings\Utilisateur\Applicati​on Data\Mozilla\FireFox\Profiles\​gfyc01vl.default --
 Extensions\keefox@chris.tomlin​son (KeeFox)
 Extensions\{6e764c17-863a-450f​-bdd0-6772bd5aaa18} (Media Converter)
 Searchplugins\LiveSearch.xml (    hxxp://search.live.com/results​.aspx)
 Prefs.js - browser.download.dir, E:\\Travail\\Tempo\\Informatiq​ue\\Logiciel
 Prefs.js - browser.download.lastDir, E:\\Travail\\Informatique\\Log​iciels\\Utilitaires
 Prefs.js - browser.search.selectedEngine, Google
 Prefs.js - browser.startup.homepage, E:\\Travail\\Informatique\\Dev​elop\\FrontPage\\MonSiteWeb\\i​ndex.htm
 Prefs.js - browser.startup.homepage_overr​ide.buildID, 20120129021758
 Prefs.js - browser.startup.homepage_overr​ide.mstone, rv:10.0
 Prefs.js - keyword.URL, hxxp://search.live.com/results​.aspx?mkt=fr-fr&FORM=MIMWA1&q=

 ==============================​==========

 **** Internet Explorer Version [8.0.6001.18702] ****

 HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink​/?linkid=54896
 HKCU_Main|Start Page - hxxp://fr.msn.com/
 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink​/?LinkId=54896
 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.​htm
 HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKLM_Main|Start Page - hxxp://fr.msn.com/
 HKCU_Toolbar\WebBrowser|{C55BB​CD6-41AD-48AD-9953-3609C48EACC​7} (C:\Program Files\Orbitdownloader\GrabPro.​dll)
 HKLM_Toolbar|{F2E259E8-0FC8-43​8C-A6E0-342DD80FA53E} (C:\PROGRA~1\COPERN~1\COPERN~1​.DLL)
 HKLM_Toolbar|{B28B4479-D9C2-41​D1-B74D-74A1827037CD} (C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll)
 HKLM_Toolbar|{300BC64A-BF32-4c​c8-8917-91148CEFE700} (c:\progra~1\DropMyRights\Priv​Bar.dll)
 HKLM_Toolbar|{C55BBCD6-41AD-48​AD-9953-3609C48EACC7} (C:\Program Files\Orbitdownloader\GrabPro.​dll)
 HKLM_ElevationPolicy\2C7B74DE-​3A9E-4CD3-A8DB-47411E9680A8 - C:\WINDOWS\system32\VirginMega​\DownloadManagerLightInterface​.exe (VirginMega)
 HKLM_ElevationPolicy\{06DB122E​-3BE4-4CB8-91CA-74494C8C8FBC} - C:\Documents and Settings\Shot\Local Settings\Application Data\Conduit\CT2613520\Protect​ion_ZoneAlarmAutoUpdateHelper.​exe (x)
 HKLM_ElevationPolicy\{4250488A​-CB24-0893-C066-B1AEA57BCFF2} - C:\Program Files\Orbitdownloader\orbitdm.​exe (Orbitdownloader.com)
 HKLM_ElevationPolicy\{84342248​-746E-412B-BEFB-950770C2A78E} - C:\Documents and Settings\Shot\Local Settings\Application Data\Conduit\CT2613520\Protect​ion_ZoneAlarmAutoUpdateHelper.​exe (x)
 HKLM_ElevationPolicy\{FAD42A46​-4172-4FFA-9EAF-24BC0C66B0F2} - C:\Program Files\Protection_ZoneAlarm\Pro​tection_ZoneAlarmToolbarHelper​1.exe (x)
 HKLM_ElevationPolicy\{} - C:\WINDOWS\system32\VirginMega​\Dml_Atl.dll (VirginMega)
 HKLM_Extensions\{DFB852A3-47F8​-48C4-A200-58CAB36FD2A2} - "?" (?)
 HKLM_Extensions\{e2e2dd38-d088​-4134-82b7-f2ba38496583} - "?" (?)
 BHO\{000123B4-9B42-4900-B3F7-F​4B073EFC214} - "Octh Class" (C:\Program Files\Orbitdownloader\orbitcth​.dll)
 BHO\{5C255C8A-E604-49b4-9D64-9​0988571CECB} (?)
 BHO\{64F56FC1-1272-44CD-BA6E-3​9723696E350} (?)
 BHO\{D4027C7F-154A-4066-A1AD-4​243D8127440} (?)

 ==============================​==========

 C:\Program Files\Ad-Remover\Quarantine: 2 Fichier(s)
 C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

 C:\Ad-Report-CLEAN[1].txt - 07/02/2012 00:27:52 (5854 Octet(s))

 Fin à: 00:29:07, 07/02/2012
 
 ============== E.O.F ==============

(Publicité)
n°543401
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 01:19:48  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
----------- Ci après rapport Malwarebytes en Analyse rapide -----------

 Malwarebytes Anti-Malware 1.60.1.1000
 www.malwarebytes.org

 Version de la base de données: v2012.02.06.06

 Windows XP Service Pack 3 x86 NTFS
 Internet Explorer 8.0.6001.18702
 Shot :: SN012345678912 [administrateur]

 07/02/2012 00:54:33
 mbam-log-2012-02-07 (00-54-33).txt

 Type d'examen: Examen rapide
 Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
 Options d'examen désactivées: P2P
 Elément(s) analysé(s): 222528
 Temps écoulé: 23 minute(s),

 Processus mémoire détecté(s): 0
 (Aucun élément nuisible détecté)

 Module(s) mémoire détecté(s): 0
 (Aucun élément nuisible détecté)

 Clé(s) du Registre détectée(s): 0
 (Aucun élément nuisible détecté)

 Valeur(s) du Registre détectée(s): 0
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre détecté(s): 0
 (Aucun élément nuisible détecté)

 Dossier(s) détecté(s): 0
 (Aucun élément nuisible détecté)

 Fichier(s) détecté(s): 0
 (Aucun élément nuisible détecté)

 (fin)

n°543402
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 01:21:58  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Ce sera tout pour ce soir
 Je reviendrai au nouvelle demain
 Merci beaucoup de votre aide
 Je vous souhaite bonne nuit

n°543403
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/02/2012 à 08:41:24  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Hello,

 OK.

 Relance un scan RSIT et poste, uniquement, le rapport qui s'affiche (log.txt).

 PS : http://forum.telecharger.01net [...] ges-1.html

(Publicité)
n°543404
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 10:02:06  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 

 

kmisol a écrit :

Hello,

 OK.

 Relance un scan RSIT et poste, uniquement, le rapport qui s'affiche (log.txt).

 PS : http://forum.telecharger.01net [...] ges-1.html
 




 Bonjour,
 Voici le rapport RSIT de ce matin

 Logfile of random's system information tool 1.09 (written by random/random)
 Run by Shot at 2012-02-07 09:59:53
 Microsoft Windows XP Édition familiale Service Pack 3
 System drive C: has 4 GB (14%) free of 30 GB
 Total RAM: 1014 MB (18% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 10:00:42, on 07/02/2012
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 C:\WINDOWS\system32\spoolsv.ex​e
 c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 C:\WINDOWS\system32\svchost.ex​e
 c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\WINDOWS\AGRSMMSG.exe
 C:\WINDOWS\system32\igfxtray.e​xe
 C:\WINDOWS\system32\hkcmd.exe
 C:\WINDOWS\system32\igfxpers.e​xe
 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\SuperCopier2\SuperCopier​2.exe
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 C:\WINDOWS\System32\alg.exe
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\WINDOWS\system32\taskmgr.ex​e
 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 C:\Program Files\Avira\AntiVir Desktop\sched.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Mozilla Firefox\plugin-container.exe
 C:\Program Files\Mozilla Firefox\plugin-container.exe
 c:\program files\avira\antivir desktop\avcenter.exe
 C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
 C:\Documents and Settings\Shot\Bureau\RSIT.exe
 C:\WINDOWS\system32\wbem\wmipr​vse.exe
 C:\Program Files\trend micro\Shot.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Intern​et Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B07​3EFC214} - C:\Program Files\Orbitdownloader\orbitcth​.dll
 O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695E​CA05670} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-76883​4316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723​696E350} - (no file)
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - (no file)
 O2 - BHO: Protection ZoneAlarm - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E​116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL
 O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll
 O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll
 O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148​CEFE700} - c:\progra~1\DropMyRights\PrivB​ar.dll
 O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.​dll
 O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll
 O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMI​G.EXE" /Spoil /RemAdvDef /Migration32
 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /SYNC
 O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLG​NT\TINTSETP.EXE /IMEName
 O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier​2.exe
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
 O4 - Global Startup: MonacoGamma.lnk = C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe
 O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/201
 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/204
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPho​tos.scr/200
 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/203
 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt​.dll/202
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36​D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEB​ar.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1​AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\​IE\offline\fr.htm
 O16 - DPF: {2C7B74DE-3A9E-4CD3-A8DB-47411​E9680A8} (VirginMega.DML.Interface) - http://alice.vm-wl.com/Telecha [...] nLight.cab
 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4​f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelpe​r.dll
 O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-98999​3B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} (Shockwave Flash Object) - http://fpdownload2.macromedia. [...] wflash.cab
 O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696​A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips- [...] loader.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O18 - Protocol: bw+0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw+0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9​B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0s - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: offline-8876480 - {47254DEC-7729-40E0-B08D-9EA7A​1A661B9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
 O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe
 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe
 O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\​CLSched.exe
 O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
 O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.​exe
 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe
 O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
 O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe
 O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe (file missing)
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe
 O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\v​smon.exe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe
 O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

 --
 End of file - 26829 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AdobeAAMUpdat​er-1.0-SN012345678912-Utilisat​eur.job
 C:\WINDOWS\tasks\ParetoLogic Registration3.job

 =========Mozilla firefox=========

 ProfilePath - C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default

 prefs.js - "browser.search.useDBForOrder" -  true
 prefs.js - "browser.startup.homepage" -  "file:///E:/Travail/Informatiq​ue/Develop/FrontPage/MonSiteWe​b/index.htm|http://www.infos-d​u-net.com/forum/9869-10-ntfs-f​at32|http://www.jurixt.com/xp/​xp_15.htm|http://www.trucs-et-​astuces-windows.com/technique_​pc/choix_ntfs_fat.html"
 prefs.js - "extensions.enabledItems" -  "{20a82645-c095-46ed-80e3-0882​5760534b}:1.2.1, {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20, jqs@sun.com:1.0, smartwebprinting@hp.com:4.51, {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}:2.7.1.3, {35379F86-8CCB-4724-AE33-4278D​E266C70}:1.0.5, {972ce4c6-7e08-4474-a285-32081​98ce6fd}:3.6.17"

 "{20a82645-c095-46ed-80e3-0882​5760534b}"=C:\WINDOWS\Microsof​t.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\
 "jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs​\ff
 "smartwebprinting@hp.com"=C:\P​rogram Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@adobe.com/FlashP​layer]
 "Description"=Adobe® Flash® Player 10.1 Plugin
 "Path"=C:\WINDOWS\system32\Mac​romed\Flash\NPSWF32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@canon.com/Mycame​raPlugin]
 "Description"=Canon MycameraPlugin
 "Path"=C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@checkpoint.com/F​FApi]
 "Description"=ZoneAlarm Toolbar Api
 "Path"=C:\Program Files\CheckPoint\ZAForceField\​TrustChecker\bin\npFFApi.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@google.com/npPic​asa3,version=3.0.0]
 "Description"=Picasa3 plugin
 "Path"=C:\Program Files\Picasa3\npPicasa3.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WL​PG,version=14.0.8117.0416]
 "Description"=WLPG Install MIME type
 "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\@microsoft.com/WP​F,version=3.5]
 "Description"=Windows Presentation Foundation plug-in for Mozilla browsers
 "Path"=C:\WINDOWS\Microsoft.NE​T\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\Adobe Reader]
 "Description"=Handles PDFs in-place in Firefox
 "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zillaPlugins\yaxmpb@yahoo.com/​YahooActiveXPluginBridge;versi​on=1.0.0.1]
 "Description"=Yahoo! activeX Plug-in Bridge
 "Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.d​ll

 C:\Program Files\Mozilla Firefox\extensions\
 {972ce4c6-7e08-4474-a285-32081​98ce6fd}

 C:\Program Files\Mozilla Firefox\components\
 binary.manifest
 browsercomps.dll
 nsIQTScriptablePlugin.xpt

 C:\Program Files\Mozilla Firefox\plugins\
 np-mswmp.dll
 npdeployJava1.dll
 NPOFFICE.DLL
 nppdf32.dll
 nppdf32.FRA
 npqtplugin.dll
 npqtplugin2.dll
 npqtplugin3.dll
 npqtplugin4.dll
 npqtplugin5.dll
 npqtplugin6.dll
 npqtplugin7.dll
 np_gp.dll
 nsIQTScriptablePlugin.xpt
 QuickTimePlugin.class
 WMP Firefox Plugin License.rtf
 WMP Firefox Plugin RelNotes.txt

 C:\Program Files\Mozilla Firefox\searchplugins\
 amazon-france.xml
 bing.xml
 cnrtl-tlfi-fr.xml
 eBay-france.xml
 google.xml
 wikipedia-fr.xml
 yahoo-france.xml

 C:\Documents and Settings\Shot\Application Data\Mozilla\Firefox\Profiles\​8lrhl7pf.default\extensions\
 {20a82645-c095-46ed-80e3-08825​760534b}
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5}

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
 Octh Class - C:\Program Files\Orbitdownloader\orbitcth​.dll [2010-12-08 237681]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
 Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
 HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.d​ll [2009-09-20 328248]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2012-01-03 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
 Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-25 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-05-25 79648]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
 HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - Copernic Agent - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL [2004-12-02 1066968]
 {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - &PixVue - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll [2005-10-02 2420736]
 {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]
 {300BC64A-BF32-4cc8-8917-91148​CEFE700} - PrivBar - c:\progra~1\DropMyRights\PrivB​ar.dll [2005-10-14 233472]
 {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.​dll [2010-12-08 684032]
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "IMJPMIG8.1"=C:\WINDOWS\IME\im​jp8_1\IMJPMIG.EXE [2004-08-05 208952]
 "PHIME2002ASync"=C:\WINDOWS\sy​stem32\IME\TINTLGNT\TINTSETP.E​XE [2004-08-05 455168]
 "PHIME2002A"=C:\WINDOWS\system​32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
 "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDA​ShCut.exe [2005-01-07 61952]
 "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe [2005-06-20 729178]
 "AGRSMMSG"=C:\WINDOWS\AGRSMMSG​.exe [2005-05-11 88204]
 "NeroFilterCheck"=C:\WINDOWS\s​ystem32\NeroCheck.exe [2001-07-09 155648]
 ""= []
 "IgfxTray"=C:\WINDOWS\system32​\igfxtray.exe [2007-01-13 131072]
 "HotKeysCmds"=C:\WINDOWS\syste​m32\hkcmd.exe [2007-01-13 163840]
 "Persistence"=C:\WINDOWS\syste​m32\igfxpers.exe [2007-01-13 135168]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-16 258512]
 "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-02-18 1043968]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "CTFMON.EXE"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]
 "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier​2.exe [2006-07-07 1052672]
 "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
 "AdobeBridge"= []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2012-01-02 843712]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
 C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\U​pdaterStartupUtility.exe [2011-03-15 499608]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
 C:\Program Files\Fichiers communs\Adobe\CS5.5ServiceMana​ger\CS5.5ServiceManager.exe [2011-01-12 1523360]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ASuite]
 F:\OI\Tutorom\Asuite1512\asuit​e.exe []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\DAEM​ON Tools Lite]
 C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\HP Software Update]
 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LDM]
 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe [2007-03-12 36864]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\Commu​nications_Helper.exe [2006-10-31 284184]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
 C:\Program Files\Logitech\QuickCam10\Quic​kCam10.exe [2006-11-15 746520]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\LVCOMSX]
 C:\Program Files\Fichiers communs\Logitech\LComMgr\LVCom​SX.exe [2006-11-15 244512]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\PCMService]
 c:\Apps\Powercinema\PCMService​.exe [2005-05-11 127118]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\qttask.exe [2007-10-19 286720]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RealTray]
 C:\Program Files\Real\RealPlayer\RealPlay​.exe [2006-06-22 26112]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RetroExpress]
 C:\PROGRA~1\RETROS~1\RETROS~1.​5\RetroExpress.exe [2008-07-16 9499928]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\RTHDCPL]
 C:\WINDOWS\RTHDCPL.EXE [2005-05-25 14477312]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SwitchBoard]
 C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]

 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
 MonacoGamma.lnk - C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\WINDOWS\system32\igfxdev.dl​l [2007-01-13 204800]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\PixVue]
 C:\Program Files\PixVue.Com\PixVue\bin\Wi​nLogon.DLL [2005-09-23 45056]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
 C:\WINDOWS\system32\WgaLogon.d​ll [2007-03-15 236928]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad]
 WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D52​4869DB5} - C:\WINDOWS\system32\WPDShServi​ceObj.dll [2006-10-18 133632]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Lsa]
 "notification packages"=:\WINDOWS\syste

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\vsmon]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\explorer]
 "NoDriveTypeAutoRun"=145

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "NoDriveAutoRun"=67108863
 "NoDriveTypeAutoRun"=255
 "HonorAutoRunSetting"=1

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\Orbitdownloader\orbitdm.​exe"="C:\Program Files\Orbitdownloader\orbitdm.​exe:*:Enabled:Orbit"
 "C:\Program Files\Orbitdownloader\orbitnet​.exe"="C:\Program Files\Orbitdownloader\orbitnet​.exe:*:Enabled:Orbit"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"
 "C:\WINDOWS\system32\ZoneLabs\​vsmon.exe"="C:\WINDOWS\system3​2\ZoneLabs\vsmon.exe:*:Enabled​:vsmon"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Ena​bled:@xpsp3res.dll,-20000"
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "C:\Program Files\MSN Messenger\livecall.exe"="C:\Pr​ogram Files\MSN Messenger\livecall.exe:*:Enabl​ed:Windows Live Messenger 8.1 (Phone)"
 "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Ena​bled:hpqtra08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Ena​bled:hpqste08.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Ena​bled:hposid01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Ena​bled:hpqkygrp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Ena​bled:hpfccopy.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Ena​bled:hpoews01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:​\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:En​abled:hpiscnapp.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="​C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:​Enabled:hpqgplgtupl.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\​Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Ena​bled:hpqgpc01.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enab​led:hpqusgm.exe"
 "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\P​rogram Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enab​led:hpqusgh.exe"
 "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Progra​m Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:h​pwucli.exe"
 "C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"​="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:​*:Enabled:smartwebprintexe.exe​"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"​="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:​*:Enabled:Windows Live FolderShare"

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Drivers32]
 "midimapper"=midimap.dll
 "msacm.imaadpcm"=imaadp32.acm
 "msacm.msadpcm"=msadp32.acm
 "msacm.msg711"=msg711.acm
 "msacm.msgsm610"=msgsm32.acm
 "msacm.trspch"=tssoft32.acm
 "vidc.cvid"=iccvid.dll
 "VIDC.I420"=lvcodec2.dll
 "vidc.iv31"=ir32_32.dll
 "vidc.iv32"=ir32_32.dll
 "vidc.iv41"=ir41_32.ax
 "VIDC.IYUV"=iyuv_32.dll
 "vidc.mrle"=msrle32.dll
 "vidc.msvc"=msvidc32.dll
 "VIDC.UYVY"=msyuv.dll
 "VIDC.YUY2"=msyuv.dll
 "VIDC.YVU9"=tsbyuv.dll
 "VIDC.YVYU"=msyuv.dll
 "wavemapper"=msacm32.drv
 "msacm.msg723"=msg723.acm
 "vidc.M263"=msh263.drv
 "vidc.M261"=msh261.drv
 "msacm.msaudio1"=msaud32.acm
 "msacm.sl_anet"=sl_anet.acm
 "msacm.iac2"=C:\WINDOWS\system​32\iac25_32.ax
 "vidc.iv50"=ir50_32.dll
 "msacm.l3acm"=C:\WINDOWS\syste​m32\l3codeca.acm
 "wave"=wdmaud.drv
 "midi"=wdmaud.drv
 "mixer"=wdmaud.drv
 "aux"=wdmaud.drv
 "msacm.siren"=sirenacm.dll
 "MSVideo8"=VfWWDM32.dll
 "MSVideo"=vfwwdm32.dll
 "wave1"=wdmaud.drv
 "midi1"=wdmaud.drv
 "mixer1"=wdmaud.drv
 "aux1"=wdmaud.drv
 "vidc.ptev"=PteVideo.dll
 "VIDC.MPG4"=mpg4c32.dll
 "VIDC.MP42"=mpg4c32.dll

 ======File associations======

 .js - edit -
 .js - open -

 ======List of files/folders created in the last 1 month======

 2012-02-07 00:27:52 ----A---- C:\Ad-Report-CLEAN[1].txt
 2012-02-07 00:27:35 ----D---- C:\Program Files\Ad-Remover
 2012-02-07 00:02:59 ----A---- C:\AdwCleaner[S1].txt
 2012-02-06 23:34:35 ----A---- C:\AdwCleaner[R1].txt
 2012-02-06 23:14:12 ----D---- C:\Program Files\trend micro
 2012-02-06 23:14:11 ----D---- C:\rsit
 2012-02-04 19:23:50 ----A---- C:\WINDOWS\system32\vsregexp.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcommdb.d​ll
 2012-02-04 19:23:47 ----A---- C:\WINDOWS\system32\zlcomm.dll
 2012-02-04 19:23:37 ----A---- C:\WINDOWS\system32\vswmi.dll
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\zpeng25.dl​l
 2012-02-04 19:23:35 ----A---- C:\WINDOWS\system32\vsxml.dll
 2012-02-04 19:23:34 ----D---- C:\WINDOWS\system32\ZoneLabs
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vspubapi.d​ll
 2012-02-04 19:23:34 ----A---- C:\WINDOWS\system32\vsmonapi.d​ll
 2012-02-04 19:23:30 ----A---- C:\WINDOWS\system32\vsdatant.s​ys
 2012-02-04 19:23:29 ----D---- C:\Program Files\Zone Labs
 2012-02-04 19:22:37 ----A---- C:\WINDOWS\system32\vsdata.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsutil.dll
 2012-02-04 19:22:36 ----A---- C:\WINDOWS\system32\vsinit.dll
 2012-02-04 19:19:45 ----D---- C:\WINDOWS\Internet Logs
 2012-02-04 18:54:53 ----D---- C:\Program Files\Protection_ZoneAlarm
 2012-02-04 18:54:02 ----AH---- C:\WINDOWS\system32\zllictbl.d​at
 2012-02-04 18:53:51 ----A---- C:\WINDOWS\system32\vsutil_loc​040c.dll
 2012-02-04 13:49:06 ----D---- C:\Documents and Settings\All Users\Application Data\CheckPoint
 2012-01-22 22:21:25 ----D---- C:\Documents and Settings\All Users\Application Data\Retrospect
 2012-01-22 18:25:45 ----D---- C:\Documents and Settings\Shot\Application Data\Avira
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​kmgr.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​ipbb.sys
 2012-01-22 18:07:42 ----A---- C:\WINDOWS\system32\drivers\av​gntflt.sys
 2012-01-22 18:07:17 ----D---- C:\Program Files\Avira
 2012-01-22 18:07:17 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
 2012-01-19 09:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB25855​42$
 2012-01-16 11:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB26465​24$
 2012-01-16 11:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB26318​13$
 2012-01-16 11:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB25984​79$
 2012-01-16 11:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB26033​81$
 2012-01-16 11:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB25841​46$

 ======List of files/folders modified in the last 1 month======

 2012-02-07 10:00:16 ----D---- C:\WINDOWS\Temp
 2012-02-07 08:59:25 ----D---- C:\WINDOWS\Prefetch
 2012-02-07 08:42:20 ----D---- C:\WINDOWS\system32\CatRoot2
 2012-02-07 01:23:13 ----A---- C:\WINDOWS\SchedLgU.Txt
 2012-02-07 01:17:51 ----D---- C:\WINDOWS\system32\drivers
 2012-02-07 00:52:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2012-02-07 00:27:35 ----RHD---- C:\Program Files
 2012-02-07 00:03:48 ----SD---- C:\WINDOWS\Tasks
 2012-02-07 00:03:36 ----SHD---- C:\WINDOWS\Installer
 2012-02-06 23:19:33 ----D---- C:\Documents and Settings\Shot\Application Data\Orbit
 2012-02-06 14:39:30 ----SHD---- C:\System Volume Information
 2012-02-06 14:37:46 ----D---- C:\WINDOWS\system32\NtmsData
 2012-02-06 11:41:09 ----D---- C:\Program Files\CRESUS2
 2012-02-06 11:41:09 ----A---- C:\WINDOWS\win.ini
 2012-02-06 10:16:35 ----D---- C:\WINDOWS\Registration
 2012-02-05 21:27:43 ----HD---- C:\WINDOWS
 2012-02-05 11:40:50 ----D---- C:\downloads
 2012-02-04 20:07:50 ----HD---- C:\Config.Msi
 2012-02-04 19:24:00 ----AD---- C:\WINDOWS\system32
 2012-02-04 18:54:04 ----D---- C:\Program Files\CheckPoint
 2012-02-04 13:52:40 ----D---- C:\WINDOWS\WinSxS
 2012-02-04 13:33:58 ----RASH---- C:\BOOT.INI
 2012-02-04 13:33:58 ----A---- C:\WINDOWS\system.ini
 2012-02-04 13:21:55 ----D---- C:\Program Files\Geneatique2012
 2012-02-04 13:20:14 ----D---- C:\Documents and Settings\All Users\Application Data\RetroExp
 2012-02-04 09:57:06 ----A---- C:\WINDOWS\NeroDigital.ini
 2012-02-02 17:14:01 ----D---- C:\Program Files\Mozilla Firefox
 2012-01-22 22:24:30 ----D---- C:\Program Files\Retrospect
 2012-01-22 21:55:50 ----D---- C:\Documents and Settings\Shot\Application Data\HPAppData
 2012-01-22 21:19:07 ----D---- C:\WINDOWS\REPAIR
 2012-01-22 18:43:50 ----HD---- C:\WINDOWS\inf
 2012-01-19 09:31:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
 2012-01-19 09:31:40 ----D---- C:\Program Files\Fichiers communs\Adobe
 2012-01-19 09:14:19 ----RSHD---- C:\WINDOWS\system32\dllcache
 2012-01-19 01:07:43 ----HD---- C:\WINDOWS\$hf_mig$
 2012-01-16 11:18:04 ----A---- C:\WINDOWS\imsins.BAK
 2012-01-16 11:12:58 ----A---- C:\WINDOWS\system32\MRT.exe
 2012-01-16 10:40:47 ----D---- C:\Program Files\Adobe
 2012-01-16 10:37:22 ----D---- C:\Documents and Settings\Shot\Application Data\Adobe

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\ag​p440.sys [2008-04-13 42368]
 R0 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\ag​pCPQ.sys [2008-04-13 44928]
 R0 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\al​im1541.sys [2008-04-13 42752]
 R0 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\am​dagp.sys [2008-04-13 43008]
 R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cb​idf2k.sys [2001-08-17 13952]
 R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\Px​Help20.sys [2009-04-17 44944]
 R0 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\si​sagp.sys [2008-04-13 40960]
 R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sp​td.sys [2011-06-02 431672]
 R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\vi​aagp.sys [2008-04-13 42240]
 R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\av​kmgr.sys [2011-12-16 36000]
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQ​NTDrv.sys [2002-09-16 4228]
 R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ss​mdrv.sys [2010-06-17 28520]
 R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\AS​CTRM.sys [2006-06-22 8552]
 R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\av​gntflt.sys [2011-12-16 74640]
 R2 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.s​ys [2010-05-13 532224]
 R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Af​c.sys [2005-02-23 11776]
 R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AG​RSM.sys [2005-05-13 1094881]
 R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2008-04-13 144384]
 R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ig​xpmp32.sys [2007-01-13 5672032]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2005-05-25 3134976]
 R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LV​Pr2Mon.sys [2006-11-15 24736]
 R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2001-08-23 12288]
 R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​lnicxp.sys [2005-03-04 74496]
 R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\Sy​nTP.sys [2005-06-20 190400]
 R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w2​9n51.sys [2004-10-29 3222784]
 R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wa​natw4.sys [2003-01-10 33588]
 R4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws​2ifsl.sys [2004-08-05 12032]
 S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\s​rescan.sys []
 S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\av​ipbb.sys [2011-12-16 134856]
 S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kb​dhid.sys [2008-04-14 14720]
 S2 adfs;adfs; C:\WINDOWS\system32\drivers\ad​fs.sys []
 S3 avaqliju;avaqliju; C:\WINDOWS\system32\drivers\av​aqliju.sys []
 S3 catchme;catchme; \??\C:\DOCUME~1\UTILIS~1\LOCAL​S~1\Temp\catchme.sys []
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\Hd​Audio.sys [2005-01-07 145920]
 S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HP​Zid412.sys [2008-10-28 49920]
 S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HP​Zipr12.sys [2008-10-28 16496]
 S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HP​Zius12.sys [2008-10-28 21568]
 S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LV​cKap.sys [2006-11-15 1678368]
 S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LV​MVDrv.sys [2006-11-15 1962912]
 S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lv​usbsta.sys [2006-11-11 40352]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov​530vid.sys []
 S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv​302af.sys [2006-11-11 13344]
 S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV​302V32.SYS [2006-11-11 933536]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\us​baudio.sys [2008-04-13 60032]
 S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bprint.sys [2008-04-13 25856]
 S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\us​bscan.sys [2008-04-13 15104]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\Wu​dfPf.sys [2006-09-28 77568]
 S3 X-Rite;X-Rite USB Service; C:\WINDOWS\system32\DRIVERS\Xr​Usb.sys [2003-11-06 14936]
 S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\Shot\LOCALS~1\​Temp\mc21.tmp []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 AntiVirSchedulerService;Avira Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-16 86224]
 R2 AntiVirService;Avira Protection temps réel; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-16 110032]
 R2 AntiVirWebService;Avira Protection Web; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-16 463824]
 R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\A​OLacsd.exe [2004-04-08 1135728]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2007-10-31 110592]
 R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\​CLCapSvc.exe [2005-05-11 221266]
 R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\​CLSched.exe [2005-05-11 110672]
 R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServe​r.exe [2005-05-11 61440]
 R2 EpsonBidirectionalService;Epso​nBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2002-01-29 77824]
 R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.ex​e [2002-07-17 94208]
 R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.​exe [2005-01-07 49152]
 R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-25 153376]
 R2 LVPrcSrv;Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcS​rv.exe [2006-11-15 109344]
 R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 PixVue;PixVue; C:\Program Files\PixVue.Com\PixVue\bin\Da​emon.exe [2005-10-02 151552]
 R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 R2 RetroExpLauncher;Retrospect Express HD Launcher; C:\Program Files\Retrospect\Retrospect Express HD 2.5\retrorun.exe [2008-07-16 115992]
 R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\v​smon.exe [2011-02-18 2435592]
 R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLn​ch.exe [2006-11-15 101152]
 S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUS​chedulerSvc.exe []
 S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2008-11-20 136120]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1​150\Intel 32\IDriverT.exe [2005-11-14 69632]
 S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
 S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]
 S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
 S3 SwitchBoard;SwitchBoard; C:\Program Files\Fichiers communs\Adobe\SwitchBoard\Swit​chBoard.exe [2010-02-19 517096]
 S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService​.exe [2006-12-14 544768]
 S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
 S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 -----------------EOF----------​-------

n°543405
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 07/02/2012 à 19:50:48  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Hello,

 



[HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {F2E259E8-0FC8-438C-A6E0-342DD​80FA53E} - Copernic Agent - C:\PROGRA~1\COPERN~1\COPERN~1.​DLL [2004-12-02 1066968]
 {B28B4479-D9C2-41D1-B74D-74A18​27037CD} - &PixVue - C:\Program Files\PixVue.Com\PixVue\bin\Pi​xVue.dll [2005-10-02 2420736]
 {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Install​s\cpn\yt.dll [2006-10-26 440384]
 {300BC64A-BF32-4cc8-8917-91148​CEFE700} - PrivBar - c:\progra~1\DropMyRights\PrivB​ar.dll [2005-10-14 233472]
 {C55BBCD6-41AD-48AD-9953-3609C​48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.​dll [2010-12-08 684032]
 {d7f26d0e-9801-45c3-a091-8a65e​4ed73b5} - Protection ZoneAlarm Toolbar - C:\Program Files\Protection_ZoneAlarm\prx​tbProt.dll [2011-05-09 176936]
 



 Est-ce vraiment utile toutes ces toolbars !?

 Ces barres d'outils sont souvent la cause de ralentissement(s) ...

 --> Les toolbars, c'est pas obligatoire! <--

 -----
 Télécharge SX Check&Update sur le bureau.

 Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours !

 Double-clique sur SXC&U.exe situé sur ton Bureau pour lancer l'outil.

 Au menu pricipal, choisis l'option Rapport.

 Un rapport va s'afficher.

 Ce rapport va, peut-être, t'indiquer que les programmes ne sont pas à jour.

 Il suffit, alors, de cliquer sur le bouton correspondant pour lancer la(les) mise(s) à jour.

 http://forum.security-x.fr/tut [...] eckupdate/

 Pense à réactiver ton antivirus.

 -----
 Télécharge, installe et mets à jour Malwarebytes Anti-malware.

 Puis, exécute un scan complet.

 Une fois le scan achevé, si MalwareByte's a détecté des infections, clique sur Afficher les résultats, puis sur Supprimer la sélection.

 Poste le rapport.

n°543406
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 07/02/2012 à 23:54:21  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
je viens de lire ton mail à l'instant 23h50 je fais la manip demain matin
 Quant aux toolbar je dois réinstaller le toobar Avira pour pouvoir activer la protection Web. Parmi ceux que tu cites seul le plug-in PixVue me sert (il permet de lire les métadonnées des fichiers jpeg)

n°543407
Imagine ...
Profil : Equipe sécurité
kmisol
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 08/02/2012 à 00:02:10  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
...

 Alors, ...

 via Démarrer > Panneau de config. > Ajout/suppres... de programmes,

 supprime :

 Copernic Agent,
 Grab Pro,
 PrivBar,
 Protection ZoneAlarm Toolbar
 Yahoo! Toolbar avec bloqueur de fenêtres pop-up.

n°543408
info45
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 09/02/2012 à 09:53:28  
  2. answer
  2. Prévenir les modérateurs en cas d'abus
 
Bonjour,
 J'ai désinstaller les toolbars superflues en revanche je n'arrive pas à désinstaller "Protection ZoneAlarm Toolbar" lorsque je clique désinstaller rien ne se passe j'ai essayé avec ZoneAlarm activé puis désactivé rien à faire.

 J'ai mis à jour Flash & Java

 Ci-après mon rapport MalwareBytes
 ------------------------------​------------------------------​---------------
 Malwarebytes Anti-Malware 1.60.1.1000
 www.malwarebytes.org

 Version de la base de données: v2012.02.08.01

 Windows XP Service Pack 3 x86 NTFS
 Internet Explorer 8.0.6001.18702
 Shot :: SN012345678912 [administrateur]

 08/02/2012 09:38:38
 mbam-log-2012-02-08 (09-38-38).txt

 Type d'examen: Examen complet
 Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
 Options d'examen désactivées: P2P
 Elément(s) analysé(s): 437567
 Temps écoulé: 5 heure(s), 24 minute(s), 36 seconde(s)

 Processus mémoire détecté(s): 0
 (Aucun élément nuisible détecté)

 Module(s) mémoire détecté(s): 0
 (Aucun élément nuisible détecté)

 Clé(s) du Registre détectée(s): 0
 (Aucun élément nuisible détecté)

 Valeur(s) du Registre détectée(s): 0
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre détecté(s): 0
 (Aucun élément nuisible détecté)

 Dossier(s) détecté(s): 0
 (Aucun élément nuisible détecté)

 Fichier(s) détecté(s): 1
 E:\Travail\Informatique\Logici​els\Bureautique\Office2007\Eol​ia\VEBKGBWSQIFI2007\VEBKGBWSQI​FI2007\VEBKGBWSQIFI2007.exe (Hacktool.Agent) -> Mis en quarantaine et supprimé avec succès.

 (fin)

 Page :
1
Haut de page 

Ajouter une réponse
S'inscrireAide
Aller à :
 

Sujets relatifs
pc lent Ordinateur lent UC=100%
Résolu: Ordinateur lent et mots soulignées en vert PC tres lent au demarrage (sur le bureau) =>RESOLU
mon ordinateur est trop lent  
Plus de sujets relatifs à : PC lent

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Virus Ukash 13
problèmes pub 2
backdoor.win32.sinowal.knf 15
Logiciel malveillant TR/Agent.avx 7
wshelper.dll ne peut être chargée. 21

Page générée en 0,261 secondes
Telecharger.com et 01net : Téléchargement gratuit de logiciels, drivers à télécharger